Assuming that an account on my server is hacked into, is open_basedir enough to protect other users on the same server? I would assume so, since php would not have access to those other accounts? Why is suphp needed?
Of course, I also disabled dynamic loading of modules (apache) and added a disable_functions list.
I've just upgraded my apache install to Apache 2.0.59 and PHP 4.4.6 and suddenly open_basedir has stopped working. I have an open_basedir setting in each vhost configuration that used to work fine on php 4.3.9, now upgraded it thinks there is no path specified and I'm getting the usual failures where my scripts are not allowed to write to a directory.
Has anyone else seen this or know what's happening? I'm on 64-bit CentOS 4.4.
When I put open_basedir into effect in WHM > Security Center, I have this problem in my script:
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685
Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688
Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
When I disable it, I have this other problem:
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
I can't correctly configure open_basedir. Safe_mode is enabled on the server. The path to accounts is now /var/www/webx/. I would like to change this path to /webx/. There are some accounts on the server. How can I do it?
What I did:
-> I set the path in the php.ini file (/etc/php4/apache2), on the open_basedir = line, to /webx/, and to /var/www/webx/ too. Without effect.
-> I added <Directory /webx/> php_admin_value open_basedir /webx/ </Directory>
in /etc/apache2/apach2.conf and /etc/apache2/confixx_mhost.conf
Without effect.
After every change I restarted the apache service through /etc/init.d/apache2 restart, of course.
About the 29th of last month my crons quit working properly; they are still run but they do nothing. I finally found out that it's giving me an open_basedir error...
I am trying to run the crons from /home/<user>/crons/... The first few lines of the PHP Code includes some required files that are used by the rest of the site...
However, when the cron is run I get the following email...
Quote:
X-Powered-By: PHP/5.2.1 Content-type: text/html
Warning: include() [function.include]: open_basedir restriction in effect. File(/home/<user>/public_html/includes/common.php) is not within the allowed path(s): (0) in /home/<user>/public_html/live.php on line 7
Warning: include(/home/<user>/public_html/includes/common.php) [function.include]: failed to open stream: Operation not permitted in /home/<user>/public_html/live.php on line 7
Warning: include() [function.include]: Failed opening '/home/<user>/public_html/includes/common.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/<user>/public_html/live.php on line 7 test Notice: Undefined variable: db in /home/<user>/public_html/live.php on line 11
Fatal error: Call to a member function query() on a non-object in /home/<user>/public_html/live.php on line 11
WHM 11.11.0 cPanel 11.15.0-R17665 CENTOS Enterprise 4.5 i686 on standard - WHM X v3.1.0 Apache version 1.3.39 (Unix) PHP version 5.2.1 MySQL version 4.1.22-standard
(Paths have the correct username, I replaced the usernames with <user>...)
I want to include the script wpisz.php from /srv/www/vhosts/default/htdocs into /srv/www/vhosts/domena.pl/httpdocs/, but I receive this error:
Code: Warning: main() [function.main]: open_basedir restriction in effect. File(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) is not within the allowed path(s): (/srv/www/vhosts/default/htdocs:/tmp) in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) [function.main]: failed to open stream: Operation not permitted in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main() [function.include]: Failed opening '/srv/www/vhosts/domena.pl/httpdocs/wpisz.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/vhosts/default/htdocs/index.php on line 3
So, I ask you to help me set it up (probably open_basedir) in such a way that it will work fine. But please, use simple language and describe the solution step by step, because I'm not doing well with this.
I am going to run a free host. Yes, I know I should post this in FWHT, but well, they don't answer very fast, if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they can't touch any files outside of open_basedir. Would this be sufficient to keep them from touching others' files? I know I need to disable other functions like exec() and stuff, but would open_basedir keep hackers away from others' files and hacking them...
If I enable the PHP open_basedir Tweak in cPanel, it disables all sites and none load. Do note that the other tweak called Apache mod_userdir Tweak is also enabled.
Now I am wondering whether they both clash with each other to compete for the security?
Anyone else noticed this also?
Info : WHM 11.15.0 cPanel 11.18.6-S24255 CENTOS Enterprise 5 i686 on standard - WHM X v3.1.0
Is there a way to configure the open_basedir to allow cURL to FOLLOW_LOCATION? I'd like to keep the open_basedir enabled for security but at the same time, I need my site to function properly and that's not a possibility with FOLLOW_LOCATION not working.
I am trying to use chdir() in one of my scripts. However, I am getting an open_basedir restriction error. I have checked the php.ini and the value is not set (which as I understand should disable open_basedir).
I want to start a VPS service for our customers. I am looking for a managed server provider that can provide an economical server for VPS. Does anyone have any idea?
I have 2 dedicated servers and one VPS with liquidweb. Lately I am facing quite an issue with support, and I think I am posting for the 2nd time about liquidweb support.
It's all about my VPS, which used to hold 45 clients consuming around 50% disk space and around 30% bandwidth.
On 3rd of April the VPS started to shoot emails about services failure and this went on continuously for 2 days. Then finally on 5th April, it went down. So I reported this to liquidweb support by creating a ticket (I created the ticket by shooting an email to support@liquidweb.com, not by logging into PIMS). I got a reply in around 1 hr 20 mins that the server is up. So I checked it and yes, it was up, but with lots of issues. I was still getting service failure emails as they are failing, and above all my root password stopped working. So I couldn't log into WHM that time.
I reported this back on 6th April. No reply on 6th of April. On 7th April, I sent a reminder about the issue. They replied by asking for the last 4 digits of my credit card for verification purposes (the designation of that person was written as Web Designer). Now when I ordered this using PayPal, there is no question of last 4 digits of credit card. So I politely replied to them within 4 hours that I had used PayPal for ordering the VPS.
They didn't reply back on the 7th, nor on the 8th. Finally on the 9th, when I lost a few customers because I can't log into WHM, I wrote a bit strongly worded post in that support ticket.
To quote myself.....
"OPPS!!!....This has been a tremendous lack of response from you guys. It seems that you don't have support guys anymore. I have lost a few customers because I can't log into my WHM. And it seems that you have changed my root password and are now not letting me know about this.
Suddenly one web designer is replying to my ticket.
What is happening there?
Let me know my root password immediately.
Thanks Krish"
Now after posting this reply, I decided to call them. So within 30 mins of this post I called them. Jason, a system admin, replied and we talked politely about the issue. He accepted over the phone that it was a big mess.
Why big mess?????...because when he restored my old password and I logged into WHM....I don't see any account left. All data lost...everything gone, as it appeared there is nothing left.
So he took up the issue of restoring account. He claimed that server was rooted. Now how come after so many days and communications they discovered my server was rooted?
Then he started restoring accounts....all accounts came back, but with a whopping loss of around 80% of data. Most of the customers started complaining about loss of emails and data. On the 10th I again reported to them about such loss and about mysql, which was not working. They fixed the mysql issue, but no database was left.
Then I got busy on the 11th and could not follow it up as I should have been doing. But I was still waiting for replies from my customer about how much the loss is (I was telling them that we should be able to get them back from backup).
So I reported back to support on 11th as follows...I quote myself...
"I am waiting for reply from them. I noticed one thing. That the content is not restored properly...as there are only 13% of space used right..which should be around 50%."
I'm thinking about setting up a load balanced setup. I'll start with load-balancing MySQL, and after that, I'll go with the webservers. MySQL is currently more important.
I have two different bandwidth providers, with two different networks, in the same datacenter. Pings between both are under 1ms.
I was thinking about buying 4 servers, two for a MySQL Cluster (NDB), and two for an UltraMonkey Load Balancer setup. The MySQL Cluster API would be installed on another server, currently in use.
So, what else would I need? My intention is to have two servers in one provider, and two servers in another provider. Would this kind of setup require large quantities of bandwidth? Both providers wouldn't let me run a different cable for this purpose, so I would have to use the uplink.
Also, for webservers, I would only need two more servers, right? Maybe rsyncing them, and having sessions stored in the database, would be the best choice?
I would like to set up a load balancing pair of servers. Currently, I have about 7 servers, all of them working stand alone. I would like to use two of them to host some "power-hungry" websites that require high availability. What kind of hardware will I need to do it? I've already searched for some, and found load-balancers from F5 which seem to be very good, however they seem to be very expensive (9000 dollars maybe?). Is there any solution which might end up cheaper? Will I need anything else?
I'd like one server on the east coast and one on the west or close to it.
They will be used for primary and secondary DNS only.
Simply running Bind and webmin.
I need cheap servers since they are pushing dns data around.
Not very bandwidth intensive or cpu resource intensive.
The most important thing is that the backbone redundancy is amazing.
You can get a good server at a lot of places these days, but who has the staff and backbone to make sure these servers are not bottlenecked and are up and running?
If I wanted to install OpenVPN to create a personal VPN (low bandwidth/CPU), what kind of minimum specs should I be looking into?
I contacted Panix.com to enquire about their $10/month shell account. I asked them about getting OpenVPN installed and they replied something like they do not allow it in the shell because it needs a server with a higher spec, which is odd to me.
What would the average person looking for a VPS look for? I know each customer is different but I am talking just the most common. I am looking for specs to look for if I do a review site. That way I will review the type of VPS's most people are looking for.
I am looking for sellers to perhaps post their best selling VPS plan.
Include your guesses/experience with the following
Can anyone recommend a confirmed solid dedicated host that offers reasonably priced 1000 Mbps ports (preferably flat rate shared) and will allow us to route a /24 to them?
I thought of moving my Apache 2.0 to 2.2, but I am a little bit confused about the max client and keep alive settings. In normal Apache 2.0 we can see that in the httpd.conf file, but in Apache 2.2 we can able to see that all. Can anyone help me in finding these kinds of settings and move to Apache 2.2 without any issues?
I run a Linux server with The Planet; it comes with Ensim installed.
As some of you have probably heard about the fire at The Planet, they offered to move my server to another facility, but they have to change the server IP address, which I agreed to.
The server is back online but I'm unable to access any websites.
I asked them to point all domains to the new IP address, but they are really busy and I assume it would take a day or 2.
When I log in to Ensim and list all sites, I still see the old IP address listed under each domain. Do I need to change that, and if so, how?
Will everything work once they modify the DNS records?
I've searched quite a bit for myself now, but I have yet to find a place that offers what I need. Most of the servers seem way too overpowered for my needs, but the lower-end server offerings I've found don't have the necessary space and/or bw.
What I'm looking for is something along these lines:
I basically only need to run Apache/lighttpd, PHP and MySQL, along with a custom program that would only use 1-2% CPU at its peak and not more than 1mb memory. The web server part would probably not serve more than 10-20 simultaneous visits at its peak.
CPU and memory requirements are therefore very small for me. However, I need 10gb space at the very least, along with ~200gb bw.
I would preferably like the server to be located in Europe, or have very good connectivity to Europe, as I need as low pings as possible.