Open_Basedir Configuration

May 17, 2007

I can't correct configure the open_basedir. Safe_mode on server is enabled. Now path to accounts is: /var/www/webx/ . I would like change this path to /webx/ On server are some accounts. How can I do it?

What I did:

-> I set path in php.ini file (/etc/php4/apache2) in open_basedir = line to:
/webx/ and /var/www/webx/ too. Without effect.

-> I added
<Directory /webx/>
php_admin_value open_basedir /webx/
</Directory>

in /etc/apache2/apach2.conf and /etc/apache2/confixx_mhost.conf

Without effect.

After any change I was restarting the apache service through /etc/init.d/apache2 restart, of course.

View 1 Replies


ADVERTISEMENT

Open_basedir Off

Apr 20, 2009

I have dedicated server and my panel is lxadmin.

Anybody know how can i make off on php.ini the open_basedir ?

I have to install one script on my server this open_basedir have to be disable.

View 5 Replies View Related

Open_basedir In Php 4.4.6

Apr 25, 2007

I've just upgraded my apache install to Apache 2.0.59 and PHP 4.4.6 and suddenly open_basedir has stopped working. I have an open_basedir setting in each vhost configuration that used to work fine on php 4.3.9, now upgraded it thinks there is no path specified and I'm getting the usual failures where my scripts are not allowed to write to a directory.

Has anyone else seen this or knows what's happening? I'm on 64-bit Centos 4.4

View 4 Replies View Related

Squirrelmail And Open_basedir

Apr 14, 2009

I got a VPS with CentOs installed and it is using LxAdmin and i got this problem:

I installed Squirrelmail but it isn't working because open_basedir is enabled.

I do not want to disable open_basedir,

View 0 Replies View Related

Is Anything Other Than Open_basedir Even Needed?

Dec 9, 2008

Assuming that an account on my server is hacked into, is open_basedir enough to protect other users on the same server? I would assume so, since php would not have access to those other accounts? Why is suphp needed?

Ofcourse, I also disabled dynamic loading of modules (apache) and added some disable_functions list.

View 3 Replies View Related

Open_basedir , Safe_mode

Feb 1, 2008

when I make open_basedir effect in whm > security center

I have in my script this problem :

Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689 

when I disable it I have this other one problem :

Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..

View 2 Replies View Related

Turn Off Open_basedir

Mar 31, 2008

How can I turn off open_basedir completely from within .htaccess?

I'm finding conflicting advice on how this can be done, or even if it can.

View 13 Replies View Related

Open_basedir Line.

Jun 3, 2007

to append the directory that the accounting.php.inc file is located in to the open_basedir line.

How do i do it, where n how do i make these changes.

View 6 Replies View Related

Open_basedir Restriction

Oct 14, 2007

About the 29th of last month my crons quit working properly, they are still ran but they did nothing.. I finally found out that its giving me an open_basedir error...

I am trying to run the crons from /home/<user>/crons/...
The first few lines of the PHP Code includes some required files that are used by the rest of the site...

PHP Code:

$root_path = "/home/<user>/public_html/";
include($root_path . "includes/common.php"); 

However, when the cron is ran I get the following email...

Quote:

X-Powered-By: PHP/5.2.1
Content-type: text/html

Warning: include() [function.include]: open_basedir restriction in effect. File(/home/<user>/public_html/includes/common.php) is not within the allowed path(s): (0) in /home/<user>/public_html/live.php on line 7

Warning: include(/home/<user>/public_html/includes/common.php) [function.include]: failed to open stream: Operation not permitted in /home/<user>/public_html/live.php on line 7

Warning: include() [function.include]: Failed opening '/home/<user>/public_html/includes/common.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/<user>/public_html/live.php on line 7
test
Notice: Undefined variable: db in /home/<user>/public_html/live.php on line 11

Fatal error: Call to a member function query() on a non-object in /home/<user>/public_html/live.php on line 11

WHM 11.11.0 cPanel 11.15.0-R17665
CENTOS Enterprise 4.5 i686 on standard - WHM X v3.1.0
Apache version1.3.39 (Unix)
PHP version5.2.1
MySQL version4.1.22-standard

(Paths have the correct username, I replaced the usernames with <user>...)

View 5 Replies View Related

How To Configure Open_basedir

Sep 26, 2007

I want to include script wpisz.php from /srv/www/vhosts/default/htdocs into /srv/www/vhosts/domena.pl/httpdocs/, but i recive this error:

Code:
Warning: main() [function.main]: open_basedir restriction in effect. File(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) is not within the allowed path(s): (/srv/www/vhosts/default/htdocs:/tmp) in /srv/www/vhosts/default/htdocs/index.php on line 3

Warning: main(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) [function.main]: failed to open stream: Operation not permitted in /srv/www/vhosts/default/htdocs/index.php on line 3

Warning: main() [function.include]: Failed opening '/srv/www/vhosts/domena.pl/httpdocs/wpisz.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/vhosts/default/htdocs/index.php on line 3

So, I ask you to help me to set it up (propably open_basedir) in that way in which will it work fine. But please.. use a simple language and describe the solution step-by-step because I'm not doing well whith this..

View 3 Replies View Related

Virtual Open_basedir

Oct 8, 2007

I'm running a apache2 webserver with php5 and vhost_alias.

I like to use open_basedir virtual:

VirtualDocumentRoot /www/%0
php_admin_value open_basedir "/www/%0:/usr/share/php:/tmp"

View 0 Replies View Related

Disable Open_basedir In Plesk

Aug 10, 2009

How to disable open_basedir in plesk enabled server. I want to disable it server wide.

View 7 Replies View Related

Safe Mode OFF And Open_basedir Set...

Jan 18, 2008

I am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.

It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...

View 7 Replies View Related

Open_basedir With Virtual Host

Feb 5, 2008

I am trying to do open_basedir in my httpd.conf file using wildcards so I dont have to set it up for EACH account.

Here is my Virtual Host part in my conf:

<VirtualHost *>
VirtualDocumentRoot /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www..*$
RewriteRule ^(.+) %{HTTP_HOST}$1 [C]
RewriteRule ^www.(.+) http://$1 [P]
RequestHeader unset Accept-Encoding
RequestHeader unset Content-Encoding
</VirtualHost>
I have tried putting:
php_admin_value open_basedir /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/

But I get this error looking at ANY PAGE:

Fatal error: Can't load /www/fatehost.net/a/l/d/aldo/htdocs/{FILE_IM_ON}, open_basedir restriction. in Unknown on line 0

View 4 Replies View Related

Cpanel PHP Open_basedir Tweak

May 10, 2008

if i enable PHP open_basedir Tweak in cpanel, it disables all sites and none load, do note that the other tweak called Apache mod_userdir Tweak is also enabled.

Now i am wondering is if they both clash with each other to compete for the security ?

Anyone else noticed this also?

Info :
WHM 11.15.0 cPanel 11.18.6-S24255
CENTOS Enterprise 5 i686 on standard - WHM X v3.1.0

View 4 Replies View Related

Open_basedir + CURL FOLLOW_LOCATION

Oct 23, 2007

Is there a way to configure the open_basedir to allow cURL to FOLLOW_LOCATION? I'd like to keep the open_basedir enabled for security but at the same time, I need my site to function properly and that's not a possibility with FOLLOW_LOCATION not working.

View 6 Replies View Related

Chdir Not Working Due To Open_basedir Restriction

Feb 21, 2008

I am trying to use chdir() in one of my scripts. However, I am getting an open_basedir restriction error. I have checked the php.ini and the value is not set (which as I understand should disable open_basedir).

View 4 Replies View Related

"open_basedir Restriction In Effect"

Jul 13, 2008

I've installed CRE Loaded 6.2 on one of my client accounts and am receiving the following error when trying to edit the language files:

Warning: tempnam(): open_basedir restriction in effect. File() is not within the allowed path(s): (/hsphere/local/home/hrtire:/tmp:/var/tmp:/usr/local/lib/php) in /hsphere/local/home/hrtire/hrtire.net/store/admin/edit_textdata.php on line 151

I've asked for support from my host and they told me that it can be fixed using .htaccess. They said to use:

php_value open_basedir /hsphere/local/home/hrtire/hrtire.net/store/admin/

That doesn't fix the problem and I'm not getting any more responses from them. I've tried variations (e.g. .../store/, .../store/tmp/) and nothing works.

View 6 Replies View Related

VPS Configuration

Oct 6, 2008

I was looking into setting up a new VPS server, without Parallels.

I have a dedicated server running centos. I was thinking about putting Xen on it and the use lxadmin instead of cpanel.

Any thoughts or experience with that setup.

View 4 Replies View Related

Csf Configuration

Dec 30, 2007

I just found about about csf so I uninstall afp, bfd and install csf. spend time setting it up but still not getting lik what i want can some one post their csf so i can take a look.

I want to received e-mail at least for the following:

1. someone login ssh

2. someone using su (fail and pass)

3. someone try to brutal force (notify like bfd)

4. possible break in attemp like bfd

5. when ip got ban from brutal force

6. .... and all that good stuff that keep u alert.

it's possible to notify when someone try to login whm and cpanel?

View 1 Replies View Related

VPS Firewall Configuration

Jun 14, 2008

Hello All,

I have almost everything setup for my VPS except for the firewall.

Someone told me that you can screw up your VPS if you configure your firewall incorrectly.

Can someone please guide me through? Which firewall should I use? and what all configurations should I make?

My VPS is on Debian 4 and I already have webmin configured on it. It does shows me an option to install a firewall but I just dont have enough courage to do so.

Thanks in advance,
Imoracle

View 3 Replies View Related

Mod_Security Configuration

Jul 24, 2009

I installed Mod_Security on my Cent OS server today and having some problem in configurating it.

Problem -

I have added this module in 'httpd.conf' file

Code:
<IfModule mod_security.c>
SecFilterEngine On

SecServerSignature "Apache"
SecFilterCheckUnicodeEncoding Off
SecAuditEngine RelevantOnly
SecAuditLog logs/audit_log
SecFilterScanPOST On

SecFilterDefaultAction "deny,log,status:403"

SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

SecFilterSelective HTTP_Transfer-Encoding "!^$"

SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"

SecFilter "viewtopic.php?" chain
SecFilter "chr(([0-9]{1,3}))" "deny,log"

SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "/../../ "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "

# Very crude filters to prevent SQL injection attacks
SecFilter "delete[[:space:]]+from"
SecFilter "insert[[:space:]]+into"
SecFilter "select.+from"

# Weaker XSS protection but allows common HTML tags
SecFilter "<[[:space:]]*script"

# Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.|n)+>"
</IfModule>

But my website is multi forum hosting and requires 'index.php' file to pass parameter to make it work.

Example -

[url]
[url]
[url]

So i had to delete below mention code from above module.

Code:
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

SecFilterSelective HTTP_Transfer-Encoding "!^$"

SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "../"

View 0 Replies View Related

Configuration Is Doable

Jan 28, 2009

Do you think this configuration is doable?

Dual Core/Core2Duo

2GB Ram

500GB HDD

100mbps port

Win 2003/2008 Web Edition

~2000-3000GB bandwidth

~$100/month?

View 8 Replies View Related

Best Drive Configuration

Oct 23, 2009

I need your opinion on the best drive configuration for my Dell poweredge 2850 dual 3.0.

I have 6 x 72gb scsi 10k hds, and perc4 raid in server. My os will be Cent os with 4 gigs of ram installed. I want to try to make this server as redundant as possible.

Offsite backup is also in plans. I’m going to use this server for a few sites (5 - 10) that are db driven, and host small video clips as Dolphin Smart Community. Server will be colocated. Please let me know if missed something .

View 6 Replies View Related

VPS Configuration Serverloft

Feb 8, 2009

serverlof but dedicadet bought and set up on my vmserver not connect to the internet vps.

Companies can connect to the internet with NAT, but only with my NAT can not connect to the internet with the other global ip.

Information about how to do VMServer settings may wonder Do you have friends?

View 0 Replies View Related

To Set Configuration Node

Apr 14, 2009

i have node 16 cpu AMD 64 gb ram HDD sas 15 with raid 10 /hypervm + openvz i host 10 vps
my problem when any vps load go over 2 the Node load go to 30 - 40 some time 100 i set CPU UNITS , Number Of CPUS and Cpu Usage for every vps but the load in node is go up

how i can set limit in vps and prevent from effect on load Node?

View 2 Replies View Related

Assp Configuration

Apr 9, 2009

I Want to use ASSP for a large number of server with different IP,

ASSP is use as SMTP proxy for the outbound traffic,

In Relaying > AcceptAllMail in put my network,

the question is : does the network will be scanned by assp, i have see that the network contribute to the whitelist?

View 4 Replies View Related

Best Exim Configuration

Jul 14, 2008

My VPS mostly have problem of over load and its beacuse of lot of mails in Mail Queue,

Can any one recommend me best best Exim Configuration in cpanel.

I think no mail stay in Queue more then 2 hours. It delete autometically or any other thing you recommend. It help me for less load.

View 3 Replies View Related

CPGS Configuration

Aug 29, 2008

Can not connect to remote socket.

IO:ocket::INET configuration failederror:00000000:lib(0):func(0):reason(0)

This can caused by a few things:

The cPGSD server is not running on 127.0.0.1:2082

There is a firewall blocking access to 127.0.0.1:2082

127.0.0.1 is not the right IP and/or 2082 is not the right port

Solar Flares (Please contact support to investigate)

I used Cpanel 11 dont known where turn off firewall T-T

View 0 Replies View Related

DNSMadeEasy Configuration

Dec 5, 2008

I just bought a subscription to dnsmadeeasy and changed my nameservers already. Now I did a dns report check and found the following: Reverse MX A records (PTR)ERROR: No reverse DNS (PTR) entries. The problem MX records are:

68.x.x.x.in-addr.arpa -> no reverse (PTR) detected
You should contact your ISP and ask him to add a PTR record for your ips
Can anyone tell me how to fix this with the dnsmadeeasy interface? I tried adding a PTR record, typed the IP but it always adds my domain name at the end.

Additionally, the IP it says 68.x.x.x is completely different from my server.. which is 69.x.x.x -- how is that ? The SOA record isrimary nameserver: ns0.dnsmadeeasy.com
Hostmaster E-mail address: dns.dnsmadeeasy.com
Serial #: 2008010106
Refresh: 43200
Retry: 3600
Expire: 1209600 2 weeksDefault TTL: 180

Is this default TTL too little? I checked some other domains and it was always more. MX Records:

I have a dedicated server with hostname named after my primary domain and mail on mail.example.com

But now when I add other domains via dnsmadeeasy, the mx only allows mail.thisdomain.com instead of mail.example.com

Is this normal? Do I just need to enter the main IP of my server and that's it? The name itself does not matter?

View 2 Replies View Related

SMTP Configuration

Dec 10, 2008

we installed CMS for our website, when a client want to signup to our website, the confirmation email send to theie Spam Box, we want to our email send to theire Inbox. how can i resolve this problem?

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved