1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Strange open_basedir restriction problem

Discussion in 'Plesk for Linux - 8.x and Older' started by chrisroane, Oct 4, 2005.

  1. chrisroane

    chrisroane Guest

    0
     
    I have been trying to figure out this problem for several hours now without any luck.

    Basically I have all of my php included files put into the cgi-bin directory so that they can't be loaded in the browser. Things work without a problem when I include those php files anywhere in the httpdocs folder, except when I try to access them on the secure certificate (https://).

    For this domain, I have this option checked, so that I don't have to have two sets of files:
    "Use a single directory for housing SSL and non-SSL content"

    This is in my vhost.conf file:

    <Directory "/home/httpd/vhosts/WEBSITE/httpdocs">
    php_admin_value open_basedir none
    </Directory>

    This is in my vhost_sll.conf file:

    <Directory "/home/httpd/vhosts/WEBSITE/httpsdocs">
    php_admin_value open_basedir none
    </Directory>

    This is the error it gives me:

    Warning: main(): open_basedir restriction in effect. File(/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc) is not within the allowed path(s): (/home/httpd/vhosts/WEBSITE/httpdocs:/tmp) in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2

    Warning: main(/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc): failed to open stream: Operation not permitted in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2

    Fatal error: main(): Failed opening required '/home/httpd/vhosts/WEBSITE/cgi-bin/include/listing_process.inc' (include_path='.:/usr/share/pear') in /home/httpd/vhosts/WEBSITE/httpdocs/site/listings/test_new_listing.php on line 2


    That error ONLY comes up when I try to access the (https://) version of the site. It loads fine when I go to the (http://) version of the site. I've read many posts on open_basedir problems, but none that describe this problem.

    Any help would be highly appreciated.
     
  2. Whistler

    Whistler Guest

    0
     
    The name of your vhost file should be: vhost_ssl.conf - you seem to have a spelling error.

    Also remember to run a /path_to_psa/admin/bin/websrvmng --vhost-name=<the_domain> and restart Apache.
     
  3. chrisroane

    chrisroane Guest

    0
     
    Yeah, that was a mistake in the post. The file name is vhost_ssl.conf . I just typed it wrong in the post.

    "Also remember to run a /path_to_psa/admin/bin/websrvmng --vhost-name=<the_domain> and restart Apache."

    Every time I made a change to the vhost files, I did that and restarted apache.

    This problem is frustrating. Maybe I can't have the option ""Use a single directory for housing SSL and non-SSL content" and have access to the directory I want to access, without having two copies of the files?
     
  4. DarkHorizons

    DarkHorizons Guest

    0
     
    turn off safe mode as well.

    php_admin_value safe_mode 0


    That's what I had to do to get that to work properly for a domain situation just like yours.
     
  5. mikk

    mikk Basic Pleskian

    23
    73%
    Joined:
    Jan 29, 2005
    Messages:
    83
    Likes Received:
    0
    You can mimick the setting

    "Use a single directory for housing SSL and non-SSL content"

    easy enough.


    cd /path/to/DOMAIN

    mv httpsdocs httpsdocs.old
    ln -s httpdocs httpsdocs
    chown -h USERNAME:psaserv httpsdocs

    Try that with your normal setup - personally i would not recommend turning safemode off unless its the very last choice.

    Although personally i would put your includes in a directory in httpdocs and simply stick a password on the directory - they can then be accessed via the filsystem but http accesses will be requested to supply authentication.
     
Loading...