if i enable PHP open_basedir Tweak in cpanel, it disables all sites and none load, do note that the other tweak called Apache mod_userdir Tweak is also enabled.
Now i am wondering is if they both clash with each other to compete for the security ?
Anyone else noticed this also?
Info :
WHM 11.15.0 cPanel 11.18.6-S24255
CENTOS Enterprise 5 i686 on standard - WHM X v3.1.0
mod_userdir Protection:
Apache's mod_userdir allows users to view their sites by entering a tilde(~) and their username as the uri on a specific host. For example http://test.cpanel.net/~fred/ will bring up the user fred's domain. The disadvantage of this feature is that any bandwidth usage used by this site will be put on the domain it is accessed under (in this case test.cpanel.net). mod_userdir protection prevents this from happening. You may however want to disable it on specific virtual hosts (generally shared ssl hosts.)
We have enabled mod_userdir Protection for all our users but some our clients want to view their website via For example [url]
in this section there is mentioned that You may however want to disable it on specific virtual hosts (generally shared ssl hosts.)
but when i select a domain which i want to disable mod_userdir Protection & then ticked marked on Exclude Protection check box then i have restarted apache web server but still i am unable to view selected domain via IP based
I just got a new server that has 2 quad core intel processors and 4GB of RAM. I am running about 1000 queries per second and have been having some issues where users are being denied a connection to the database every few minutes. I am not sure how to tweak the my.cnf file correctly to solve this issue. The contest of my.cnf are below:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
skip-locking
skip-innodb
query_cache_limit=1M
query_cache_size=32M
query_cache_type=1
max_user_connections=2000
max_connections=2000
interactive_timeout=100
wait_timeout=100
connect_timeout=100
thread_cache_size=128
key_buffer=16M
join_buffer=1M
max_allowed_packet=16M
table_cache=1024
record_buffer=1M
sort_buffer_size=2M
read_buffer_size=2M
max_connect_errors=10
thread_concurrency=8
myisam_sort_buffer_size=64M
server-id=1
#[mysql.server]
#user=mysql
#basedir=/var/lib
[safe_mysqld]
err-log=/var/log/mysqld.log
pid-file=/var/lib/mysql/mysql.pid
open_files_limit=8192
i want horde email to be default in greek language...i mean when someone clicks in horde email icon to go automatically on his box...i don't want the screen where he choose the language...is that possible?
View 1 Replies View Relatedi have few servers that just serve files (1MB-100MB)
Suse Linux on all
the servers have minimal apps installed and i already got a llarge performance increase by dumping apache
now im look at tweaking at the OS level
any settings in Linux itself to speed up sending files down the pipe?
net.ipv4.tcp... in /etc/sysctl.conf?
Where do I find the file to tweak spawn-fcgi process. I look in lighttpd.conf and php.ini I couldn't find any. I use lighttpd.
View 3 Replies View RelatedI have dedicated server and my panel is lxadmin.
Anybody know how can i make off on php.ini the open_basedir ?
I have to install one script on my server this open_basedir have to be disable.
I've just upgraded my apache install to Apache 2.0.59 and PHP 4.4.6 and suddenly open_basedir has stopped working. I have an open_basedir setting in each vhost configuration that used to work fine on php 4.3.9, now upgraded it thinks there is no path specified and I'm getting the usual failures where my scripts are not allowed to write to a directory.
Has anyone else seen this or knows what's happening? I'm on 64-bit Centos 4.4
I got a VPS with CentOs installed and it is using LxAdmin and i got this problem:
I installed Squirrelmail but it isn't working because open_basedir is enabled.
I do not want to disable open_basedir,
Assuming that an account on my server is hacked into, is open_basedir enough to protect other users on the same server? I would assume so, since php would not have access to those other accounts? Why is suphp needed?
Ofcourse, I also disabled dynamic loading of modules (apache) and added some disable_functions list.
when I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
How can I turn off open_basedir completely from within .htaccess?
I'm finding conflicting advice on how this can be done, or even if it can.
to append the directory that the accounting.php.inc file is located in to the open_basedir line.
How do i do it, where n how do i make these changes.
I can't correct configure the open_basedir. Safe_mode on server is enabled. Now path to accounts is: /var/www/webx/ . I would like change this path to /webx/ On server are some accounts. How can I do it?
What I did:
-> I set path in php.ini file (/etc/php4/apache2) in open_basedir = line to:
/webx/ and /var/www/webx/ too. Without effect.
-> I added
<Directory /webx/>
php_admin_value open_basedir /webx/
</Directory>
in /etc/apache2/apach2.conf and /etc/apache2/confixx_mhost.conf
Without effect.
After any change I was restarting the apache service through /etc/init.d/apache2 restart, of course.
About the 29th of last month my crons quit working properly, they are still ran but they did nothing.. I finally found out that its giving me an open_basedir error...
I am trying to run the crons from /home/<user>/crons/...
The first few lines of the PHP Code includes some required files that are used by the rest of the site...
PHP Code:
$root_path = "/home/<user>/public_html/";
include($root_path . "includes/common.php");
However, when the cron is ran I get the following email...
Quote:
X-Powered-By: PHP/5.2.1
Content-type: text/html
Warning: include() [function.include]: open_basedir restriction in effect. File(/home/<user>/public_html/includes/common.php) is not within the allowed path(s): (0) in /home/<user>/public_html/live.php on line 7
Warning: include(/home/<user>/public_html/includes/common.php) [function.include]: failed to open stream: Operation not permitted in /home/<user>/public_html/live.php on line 7
Warning: include() [function.include]: Failed opening '/home/<user>/public_html/includes/common.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/<user>/public_html/live.php on line 7
test
Notice: Undefined variable: db in /home/<user>/public_html/live.php on line 11
Fatal error: Call to a member function query() on a non-object in /home/<user>/public_html/live.php on line 11
WHM 11.11.0 cPanel 11.15.0-R17665
CENTOS Enterprise 4.5 i686 on standard - WHM X v3.1.0
Apache version1.3.39 (Unix)
PHP version5.2.1
MySQL version4.1.22-standard
(Paths have the correct username, I replaced the usernames with <user>...)
I want to include script wpisz.php from /srv/www/vhosts/default/htdocs into /srv/www/vhosts/domena.pl/httpdocs/, but i recive this error:
Code:
Warning: main() [function.main]: open_basedir restriction in effect. File(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) is not within the allowed path(s): (/srv/www/vhosts/default/htdocs:/tmp) in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) [function.main]: failed to open stream: Operation not permitted in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main() [function.include]: Failed opening '/srv/www/vhosts/domena.pl/httpdocs/wpisz.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/vhosts/default/htdocs/index.php on line 3
So, I ask you to help me to set it up (propably open_basedir) in that way in which will it work fine. But please.. use a simple language and describe the solution step-by-step because I'm not doing well whith this..
I'm running a apache2 webserver with php5 and vhost_alias.
I like to use open_basedir virtual:
VirtualDocumentRoot /www/%0
php_admin_value open_basedir "/www/%0:/usr/share/php:/tmp"
How to disable open_basedir in plesk enabled server. I want to disable it server wide.
View 7 Replies View RelatedI am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
I am trying to do open_basedir in my httpd.conf file using wildcards so I dont have to set it up for EACH account.
Here is my Virtual Host part in my conf:
<VirtualHost *>
VirtualDocumentRoot /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www..*$
RewriteRule ^(.+) %{HTTP_HOST}$1 [C]
RewriteRule ^www.(.+) http://$1 [P]
RequestHeader unset Accept-Encoding
RequestHeader unset Content-Encoding
</VirtualHost>
I have tried putting:
php_admin_value open_basedir /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
But I get this error looking at ANY PAGE:
Fatal error: Can't load /www/fatehost.net/a/l/d/aldo/htdocs/{FILE_IM_ON}, open_basedir restriction. in Unknown on line 0
Is there a way to configure the open_basedir to allow cURL to FOLLOW_LOCATION? I'd like to keep the open_basedir enabled for security but at the same time, I need my site to function properly and that's not a possibility with FOLLOW_LOCATION not working.
View 6 Replies View RelatedI am trying to use chdir() in one of my scripts. However, I am getting an open_basedir restriction error. I have checked the php.ini and the value is not set (which as I understand should disable open_basedir).
View 4 Replies View RelatedI've installed CRE Loaded 6.2 on one of my client accounts and am receiving the following error when trying to edit the language files:
Warning: tempnam(): open_basedir restriction in effect. File() is not within the allowed path(s): (/hsphere/local/home/hrtire:/tmp:/var/tmp:/usr/local/lib/php) in /hsphere/local/home/hrtire/hrtire.net/store/admin/edit_textdata.php on line 151
I've asked for support from my host and they told me that it can be fixed using .htaccess. They said to use:
php_value open_basedir /hsphere/local/home/hrtire/hrtire.net/store/admin/
That doesn't fix the problem and I'm not getting any more responses from them. I've tried variations (e.g. .../store/, .../store/tmp/) and nothing works.
got error with cpanel linces after force reboot
and when i try to set the licnse
i got this error
Code:
/usr/local/cpanel/cpkeyclt
Updating Internal cPanel Information.......Died at /usr/local/cpanel/Cpanel/CpKeyClt.pm line 132.
...propagated at /usr/local/cpanel/Cpanel/CpKeyClt.pm line 132.
.Done
An arbitrary file inclusion vulnerability has been discovered in the Horde
webmail application. At present, we can confirm that this security
vulnerability in question affects Horde 3.1.6 and earlier. Based on
incomplete information at this time, we also believe this affects Horde
Groupware 1.0.4 and earlier as well (cPanel does not use Horde Groupware
at this time).
cPanel customers should update their cPanel and WHM servers immediately to
prevent any chance of compromise. The patch will be available in builds
11.18.2 and greater (or 11.19.2 and greater for EDGE systems). The updated
builds will be available immediately to all fast update servers. The
builds will be available to all other update servers within one hour of
this posting.
To check which version of cPanel and WHM is on your server, simply log
into WebHost Manager (WHM) and look in the top right corner, or execute
the following command from the command line as root:
/usr/local/cpanel/cpanel -V
You can upgrade your server by navigating to 'cPanel' -> 'Upgrade to
Latest Version' in WebHost Manager or by executing the following from the
command line as root:
/scripts/upcp
It is recommended that all use of Horde 3.1.6 and earlier be stopped (on
cPanel and non-cPanel systems alike) until Horde updates can be applied.
You can disable Horde on your cPanel system by unchecking the box next to
'Server Configuration' -> 'Tweak Settings' -> 'Mail' -> 'Horde Webmail'
within WHM, and saving the page with the new settings.
I have 2 servers both have cpanel. I want to use 2nd server's mysql in my site which is on 1st server. I think thats not that hard. I don't wanna do clustering as this is temproary.
View 2 Replies View RelatedI am in the process of moving websites and emails to a new host. I am doing the transfer manually because we are gradually moving different part of the site at one time to allow developers to work on new parts.
I now want to migrate all of the email accounts off the old cpanel server to the new cpanel host. What files and settings do I need to move so settings are not lost, such as save mail and contacts?
I'm having big trouble trying to update an SSL certificate with cPanel.
I'm such a dummy that I've ended up buying 2 SSL certificates to see if that may fix it.
I now have 1 certificate for www.mydomainname.com and 1 for just mydomainname.com
I have logged into the account in cpanel and uploaded both certificates and when I view them in Security -> SSL/TLS manager -> Certificates They both display the correct host, correct issuer, and correct expire date.
But when I try to visit my site using https I get:
The certificate expired on 4/8/2008 7:59 PM.
(Error code: sec_error_unknown_issuer)