Assuming that an account on my server is hacked into, is open_basedir enough to protect other users on the same server? I would assume so, since php would not have access to those other accounts? Why is suphp needed?
Ofcourse, I also disabled dynamic loading of modules (apache) and added some disable_functions list.
I have dedicated server and my panel is lxadmin.
Anybody know how can i make off on php.ini the open_basedir ?
I have to install one script on my server this open_basedir have to be disable.
I've just upgraded my apache install to Apache 2.0.59 and PHP 4.4.6 and suddenly open_basedir has stopped working. I have an open_basedir setting in each vhost configuration that used to work fine on php 4.3.9, now upgraded it thinks there is no path specified and I'm getting the usual failures where my scripts are not allowed to write to a directory.
Has anyone else seen this or knows what's happening? I'm on 64-bit Centos 4.4
I got a VPS with CentOs installed and it is using LxAdmin and i got this problem:
I installed Squirrelmail but it isn't working because open_basedir is enabled.
I do not want to disable open_basedir,
when I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
How can I turn off open_basedir completely from within .htaccess?
I'm finding conflicting advice on how this can be done, or even if it can.
to append the directory that the accounting.php.inc file is located in to the open_basedir line.
How do i do it, where n how do i make these changes.
I can't correct configure the open_basedir. Safe_mode on server is enabled. Now path to accounts is: /var/www/webx/ . I would like change this path to /webx/ On server are some accounts. How can I do it?
What I did:
-> I set path in php.ini file (/etc/php4/apache2) in open_basedir = line to:
/webx/ and /var/www/webx/ too. Without effect.
-> I added
<Directory /webx/>
php_admin_value open_basedir /webx/
</Directory>
in /etc/apache2/apach2.conf and /etc/apache2/confixx_mhost.conf
Without effect.
After any change I was restarting the apache service through /etc/init.d/apache2 restart, of course.
About the 29th of last month my crons quit working properly, they are still ran but they did nothing.. I finally found out that its giving me an open_basedir error...
I am trying to run the crons from /home/<user>/crons/...
The first few lines of the PHP Code includes some required files that are used by the rest of the site...
PHP Code:
$root_path = "/home/<user>/public_html/";
include($root_path . "includes/common.php");
However, when the cron is ran I get the following email...
Quote:
X-Powered-By: PHP/5.2.1
Content-type: text/html
Warning: include() [function.include]: open_basedir restriction in effect. File(/home/<user>/public_html/includes/common.php) is not within the allowed path(s): (0) in /home/<user>/public_html/live.php on line 7
Warning: include(/home/<user>/public_html/includes/common.php) [function.include]: failed to open stream: Operation not permitted in /home/<user>/public_html/live.php on line 7
Warning: include() [function.include]: Failed opening '/home/<user>/public_html/includes/common.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/<user>/public_html/live.php on line 7
test
Notice: Undefined variable: db in /home/<user>/public_html/live.php on line 11
Fatal error: Call to a member function query() on a non-object in /home/<user>/public_html/live.php on line 11
WHM 11.11.0 cPanel 11.15.0-R17665
CENTOS Enterprise 4.5 i686 on standard - WHM X v3.1.0
Apache version1.3.39 (Unix)
PHP version5.2.1
MySQL version4.1.22-standard
(Paths have the correct username, I replaced the usernames with <user>...)
I want to include script wpisz.php from /srv/www/vhosts/default/htdocs into /srv/www/vhosts/domena.pl/httpdocs/, but i recive this error:
Code:
Warning: main() [function.main]: open_basedir restriction in effect. File(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) is not within the allowed path(s): (/srv/www/vhosts/default/htdocs:/tmp) in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) [function.main]: failed to open stream: Operation not permitted in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main() [function.include]: Failed opening '/srv/www/vhosts/domena.pl/httpdocs/wpisz.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/vhosts/default/htdocs/index.php on line 3
So, I ask you to help me to set it up (propably open_basedir) in that way in which will it work fine. But please.. use a simple language and describe the solution step-by-step because I'm not doing well whith this..
I'm running a apache2 webserver with php5 and vhost_alias.
I like to use open_basedir virtual:
VirtualDocumentRoot /www/%0
php_admin_value open_basedir "/www/%0:/usr/share/php:/tmp"
How to disable open_basedir in plesk enabled server. I want to disable it server wide.
View 7 Replies View RelatedI am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
I am trying to do open_basedir in my httpd.conf file using wildcards so I dont have to set it up for EACH account.
Here is my Virtual Host part in my conf:
<VirtualHost *>
VirtualDocumentRoot /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www..*$
RewriteRule ^(.+) %{HTTP_HOST}$1 [C]
RewriteRule ^www.(.+) http://$1 [P]
RequestHeader unset Accept-Encoding
RequestHeader unset Content-Encoding
</VirtualHost>
I have tried putting:
php_admin_value open_basedir /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
But I get this error looking at ANY PAGE:
Fatal error: Can't load /www/fatehost.net/a/l/d/aldo/htdocs/{FILE_IM_ON}, open_basedir restriction. in Unknown on line 0
if i enable PHP open_basedir Tweak in cpanel, it disables all sites and none load, do note that the other tweak called Apache mod_userdir Tweak is also enabled.
Now i am wondering is if they both clash with each other to compete for the security ?
Anyone else noticed this also?
Info :
WHM 11.15.0 cPanel 11.18.6-S24255
CENTOS Enterprise 5 i686 on standard - WHM X v3.1.0
Is there a way to configure the open_basedir to allow cURL to FOLLOW_LOCATION? I'd like to keep the open_basedir enabled for security but at the same time, I need my site to function properly and that's not a possibility with FOLLOW_LOCATION not working.
View 6 Replies View RelatedI am trying to use chdir() in one of my scripts. However, I am getting an open_basedir restriction error. I have checked the php.ini and the value is not set (which as I understand should disable open_basedir).
View 4 Replies View RelatedI want to start a VPS service for our customers, I am looking for a managed server provider that can provide economical server for VPS any one has any idea?
View 13 Replies View RelatedI have 2 dedicated servers and one VPS with liquidweb. Lately I am facing quite an issue with support and I think I am posting 2nd time about liquidweb support.
Its all about my VPS, which use to hold 45 clients consumming around 50 % disk space and around 30 % bandwidth.
On 3rd of April VPS started to shoot emails about services failure and continuously went for 2 days. Then on finally 5th April, it went down. So I reported this to liquidweb support by creating a ticket(I created the ticket by shooting an email to support@liquidweb.com not by logging into PIMS). I got an reply in around 1 hr 20 mins that server is up. So i checked it and yes it was up, but with lots of issues. Still were getting service failure emails as they are failing and above all my root password stopped working. So couldn't login into WHM that time.
I reported this back on 6th April. No reply on 6th of April. On 7th april, I sent a reminder about the issue. They repiled by asking for my last 4 digits of credit card for verification purpose (Designatation of that person was written Web Designer) . Now when I ordered this using paypal, there is no question of last 4 digits of credit card. So I politely replied them back within 4 hours that I have used paypal for ordering the VPS.
They didn't reply back on 7th, not on 8th. Finally on 9th, when I lost few customers because I can't login into WHM, I wrote a bit stringly worded post in that support ticket.
To quote myself.....
"OPPS!!!....This has been a tremendous lack of response from you guys. It seems
that you don't have support guys anymore. I have lost few customers
because I can't login into my WHM. And it seems that you have changed my
root password and now not letting me know about this.
Suddenly one web designer is replying my ticket.
Whats is happening there?
Let me know my root password immediately.
Thanks
Krish"
Now after posting this reply, I decided to call them. So within 30 mins of this post I called them. Jason, a system admin replied and we talked politely about the issue. He accepted over phone that it was big mess.
Why big mess?????...because when he restored my old password and I logged into WHM....I don't see any account left . All data lost...everything gone as it appeared there is nothing left.
So he took up the issue of restoring account. He claimed that server was rooted. Now how come after so many days and communications they discovered my server was rooted?
Then he started restoring accounts....all accounts came back but with a loss of around whopping 80% loss of data. Most of customers started complaining about loss of emails and data. On 10th again I reported them about such loss and mysql which was not working. They fixed the mysql issue, but no database was left.
Then I got busy on 11th, could not follow it up as I should have been doing. But still as I was waiting replies from my customer about how much is the loss (I was telling them that we should be able to get them back from backup).
So I reported back to support on 11th as follows...I quote myself...
"I am waiting for reply from them. I noticed one thing. That the content is not
restored properly...as there are only 13% of space used right..which should be
around 50%."
On 12th I got following reply...I quote...
Anyone having first hand review of Netfirms ....
They are offering 250GB storage , 2000GB transfer ( Sure, Overselling ) at :
netfirms.com/max
The above link will give me a whole year for $10,
Just want to inquire about "first hand review of Netfirms" and no criticizing on there price's and overselling plans.
I´m thinking about setting up a load balanced setup. I´ll start with load-balancing MySQL, and after, I´ll go with the webservers. MySQL is currently more important.
I have two different bandwidth providers, with two different networks, in the same datacenter. Pings between both are under 1ms.
I was think about buying 4 servers, two for a MySQL Cluster (NDB), and two for a UltraMonkey Load Balancer setup. The MySQL Cluster API would be installed in another server, currently in use.
So, what else would I need? My intention is to have two servers in one provider, and two servers in another provider. Would this kind of setup require large quantities of bandwidth? Both providers wouldn´t let me pass a diferent cable for this purpose, so I would have to use the uplink.
Also, for webservers, I would only need two more servers, right? Maybe rsync them, and have sessions stored in database would be the best choice?
Thank You
I would like to setup a load balancing pair of servers. Currently, I have about 7 servers, all of them working stand alone. I would like to use two of them to host some "power-hungry" websites, that require high availiability. What kind of hardware will I need to do it? I´ve already searched for some, and found load-balancers from F5 which seem to be very good, however they seem to be very expensive (9000 dolars maybe?). Is there any solution which might end cheaper? Will I need anything else?
View 14 Replies View RelatedI need 2 dedicated DNS servers.
I'd like one server on the east coast and one on the west or close to it.
They will be used for primary ans secondary dns only.
Simply running Bind and webmin.
I need cheap servers since they are pushing dns data around.
Not very bandwidth intensive or cpu resource intensive.
The most important thing is that the backbone redundancy is amazing.
You can get a good server at a lot of place these day, but who has the staff and backbone to make sure these servers are not bottlenecked and up and running.
If I wanted to install OpenVPN to create a personal VPN (low bandwith/CPU) what kind of minimum specs should I be looking into?
I contacted Panix.com to enquiry about their $10/month shell account I asked them about getting OpenVPN installed and they replied something like they do not allow it in the shell because it needs a server with a higher spec, which is odd to me.
I'm running a CPanel server and wondering which of these users are safe to remove and whats the best way to do that?
Code:
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:499:499:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkituser:x:87:87:PolicyKit:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:498:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
avahi:x:498:497:avahi-daemon:/var/run/avahi-daemon:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
torrent:x:497:496:BitTorrent Seed/Tracker:/var/lib/bittorrent:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
When a registered memory is needed ?
I read that if you using more than 4GB you HAVE to use it, because it causes a huge overload into motherboard because it suck so much energy.
But is real life is this really true ? Is it really needed ?
What would the average person looking for a VPS look for? I know each customer is different but I am talking just the most common. I am looking for specs to look for if I do a review site. That way I will review the type of VPS's most people are looking for.
I am looking for sellers to perhaps post their best selling VPS plan.
Include your guesses/experience with the following
Hard Drive:
RAM:
Bandwidth:
IPs:
Can anyone recommend a confirmed solid dedicated host that offers reasonably priced 1000 Mbps ports (preferably flat rate shared) and will allow us to route a /24 to them?
View 14 Replies View Relatedi thought for moveing my apache 2.0 to 2.2 but iam in little bit confused for max client and keep alive setting in normal apache 2.0 we can see that in httpd.conf file but in apache 2.2 we can able to see that all,any one help me in finding these kind of setting and move my apache 2.2 without any issues
View 0 Replies View Relatedi run a linux server with the planet it comes with ensim installed.
as some of you probabley heard about the fire at the planet and they offered to move my server to another facility but they have to change the server ip address which i agreed to it
the server is back online but i'm unable to acces any websites
i asked them to point all domains to the new ip address but they are really busy and i assume it would take a day or 2
when i login to ensim and list all sites i still see the old ip address listed under each domain, do i need to change that if so how?
will everything work once the they modify dns records?
I've searched quite a bit for myself now, but I have yet to find a place that offers what I need. Most of the servers seem way too overpowered for my needs, but the lower-end server offerings I've found don't have the necessary space and/or bw.
What I'm looking for is something along these lines:
I basically only need to run Apache/Lighthttpd, PHP and MySQL, along with a custom program that would only use 1-2% cpu at its peak and not more than 1mb memory. The web server part would probably not serve more than 10-20 simultaneous visits at its peak.
CPU and memory requirements are therefore very small for me. However, I need 10gb space at the very least, along with ~200gb bw.
I would preferably like the server to be located in Europe, or have very good connectivity to Europe, as I need as low pings as possible.
Unmanaged and no control panel needed.
