1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

Strange open_basedir restriction problem

Discussion in 'Plesk for Linux - 8.x and Older' started by chrisroane, Oct 4, 2005.

  1. chrisroane

    chrisroane Guest

    I have been trying to figure out this problem for several hours now without any luck.

    Basically I have all of my php included files put into the cgi-bin directory so that they can't be loaded in the browser. Things work without a problem when I include those php files anywhere in the httpdocs folder, except when I try to access them on the secure certificate (https://).

    For this domain, I have this option checked, so that I don't have to have two sets of files:
    "Use a single directory for housing SSL and non-SSL content"

    This is in my vhost.conf file:

    <Directory "/home/httpd/vhosts/WEBSITE/httpdocs">
    php_admin_value open_basedir none

    This is in my vhost_sll.conf file:

    <Directory "/home/httpd/vhosts/WEBSITE/httpsdocs">
    php_admin_value open_basedir none

    This is the error it gives me:

    Warning: main(): open_basedir restriction in effect. File(/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc) is not within the allowed path(s): (/home/httpd/vhosts/WEBSITE/httpdocs:/tmp) in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2

    Warning: main(/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc): failed to open stream: Operation not permitted in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2

    Fatal error: main(): Failed opening required '/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc' (include_path='.:/usr/share/pear') in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2

    That error ONLY comes up when I try to access the (https://) version of the site. It loads fine when I go to the (http://) version of the site. I've read many posts on open_basedir problems, but none that describe this problem.

    Any help would be highly appreciated.
  2. Whistler

    Whistler Guest

    The name of your vhost file should be: vhost_ssl.conf - you seem to have a spelling error.

    Also remember to run a /path_to_psa/admin/bin/websrvmng --vhost-name=<the_domain> and restart Apache.
  3. chrisroane

    chrisroane Guest

    Yeah, that was a mistake in the post. The file name is vhost_ssl.conf . I just typed it wrong in the post.

    "Also remember to run a /path_to_psa/admin/bin/websrvmng --vhost-name=<the_domain> and restart Apache."

    Every time I made a change to the vhost files, I did that and restarted apache.

    This problem is frustrating. Maybe I can't have the option ""Use a single directory for housing SSL and non-SSL content" and have access to the directory I want to access, without having two copies of the files?
  4. DarkHorizons

    DarkHorizons Guest

    turn off safe mode as well.

    php_admin_value safe_mode 0

    That's what I had to do to get that to work properly for a domain situation just like yours.
  5. mikk

    mikk Basic Pleskian

    Jan 29, 2005
    Likes Received:
    You can mimick the setting

    "Use a single directory for housing SSL and non-SSL content"

    easy enough.

    cd /path/to/DOMAIN

    mv httpsdocs httpsdocs.old
    ln -s httpdocs httpsdocs
    chown -h USERNAME:psaserv httpsdocs

    Try that with your normal setup - personally i would not recommend turning safemode off unless its the very last choice.

    Although personally i would put your includes in a directory in httpdocs and simply stick a password on the directory - they can then be accessed via the filsystem but http accesses will be requested to supply authentication.