Is there a way to configure the open_basedir to allow cURL to FOLLOW_LOCATION? I'd like to keep the open_basedir enabled for security but at the same time, I need my site to function properly and that's not a possibility with FOLLOW_LOCATION not working.
View 6 RepliesI have dedicated server and my panel is lxadmin.
Anybody know how can i make off on php.ini the open_basedir ?
I have to install one script on my server this open_basedir have to be disable.
I've just upgraded my apache install to Apache 2.0.59 and PHP 4.4.6 and suddenly open_basedir has stopped working. I have an open_basedir setting in each vhost configuration that used to work fine on php 4.3.9, now upgraded it thinks there is no path specified and I'm getting the usual failures where my scripts are not allowed to write to a directory.
Has anyone else seen this or knows what's happening? I'm on 64-bit Centos 4.4
I got a VPS with CentOs installed and it is using LxAdmin and i got this problem:
I installed Squirrelmail but it isn't working because open_basedir is enabled.
I do not want to disable open_basedir,
Assuming that an account on my server is hacked into, is open_basedir enough to protect other users on the same server? I would assume so, since php would not have access to those other accounts? Why is suphp needed?
Ofcourse, I also disabled dynamic loading of modules (apache) and added some disable_functions list.
when I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
How can I turn off open_basedir completely from within .htaccess?
I'm finding conflicting advice on how this can be done, or even if it can.
to append the directory that the accounting.php.inc file is located in to the open_basedir line.
How do i do it, where n how do i make these changes.
I can't correct configure the open_basedir. Safe_mode on server is enabled. Now path to accounts is: /var/www/webx/ . I would like change this path to /webx/ On server are some accounts. How can I do it?
What I did:
-> I set path in php.ini file (/etc/php4/apache2) in open_basedir = line to:
/webx/ and /var/www/webx/ too. Without effect.
-> I added
<Directory /webx/>
php_admin_value open_basedir /webx/
</Directory>
in /etc/apache2/apach2.conf and /etc/apache2/confixx_mhost.conf
Without effect.
After any change I was restarting the apache service through /etc/init.d/apache2 restart, of course.
About the 29th of last month my crons quit working properly, they are still ran but they did nothing.. I finally found out that its giving me an open_basedir error...
I am trying to run the crons from /home/<user>/crons/...
The first few lines of the PHP Code includes some required files that are used by the rest of the site...
PHP Code:
$root_path = "/home/<user>/public_html/";
include($root_path . "includes/common.php");
However, when the cron is ran I get the following email...
Quote:
X-Powered-By: PHP/5.2.1
Content-type: text/html
Warning: include() [function.include]: open_basedir restriction in effect. File(/home/<user>/public_html/includes/common.php) is not within the allowed path(s): (0) in /home/<user>/public_html/live.php on line 7
Warning: include(/home/<user>/public_html/includes/common.php) [function.include]: failed to open stream: Operation not permitted in /home/<user>/public_html/live.php on line 7
Warning: include() [function.include]: Failed opening '/home/<user>/public_html/includes/common.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/<user>/public_html/live.php on line 7
test
Notice: Undefined variable: db in /home/<user>/public_html/live.php on line 11
Fatal error: Call to a member function query() on a non-object in /home/<user>/public_html/live.php on line 11
WHM 11.11.0 cPanel 11.15.0-R17665
CENTOS Enterprise 4.5 i686 on standard - WHM X v3.1.0
Apache version1.3.39 (Unix)
PHP version5.2.1
MySQL version4.1.22-standard
(Paths have the correct username, I replaced the usernames with <user>...)
I want to include script wpisz.php from /srv/www/vhosts/default/htdocs into /srv/www/vhosts/domena.pl/httpdocs/, but i recive this error:
Code:
Warning: main() [function.main]: open_basedir restriction in effect. File(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) is not within the allowed path(s): (/srv/www/vhosts/default/htdocs:/tmp) in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main(/srv/www/vhosts/domena.pl/httpdocs/wpisz.php) [function.main]: failed to open stream: Operation not permitted in /srv/www/vhosts/default/htdocs/index.php on line 3
Warning: main() [function.include]: Failed opening '/srv/www/vhosts/domena.pl/httpdocs/wpisz.php' for inclusion (include_path='.:/usr/share/php') in /srv/www/vhosts/default/htdocs/index.php on line 3
So, I ask you to help me to set it up (propably open_basedir) in that way in which will it work fine. But please.. use a simple language and describe the solution step-by-step because I'm not doing well whith this..
I'm running a apache2 webserver with php5 and vhost_alias.
I like to use open_basedir virtual:
VirtualDocumentRoot /www/%0
php_admin_value open_basedir "/www/%0:/usr/share/php:/tmp"
How to disable open_basedir in plesk enabled server. I want to disable it server wide.
View 7 Replies View RelatedI am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
I am trying to do open_basedir in my httpd.conf file using wildcards so I dont have to set it up for EACH account.
Here is my Virtual Host part in my conf:
<VirtualHost *>
VirtualDocumentRoot /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www..*$
RewriteRule ^(.+) %{HTTP_HOST}$1 [C]
RewriteRule ^www.(.+) http://$1 [P]
RequestHeader unset Accept-Encoding
RequestHeader unset Content-Encoding
</VirtualHost>
I have tried putting:
php_admin_value open_basedir /www/%2+/%1.1/%1.2/%1.3/%1/htdocs/
But I get this error looking at ANY PAGE:
Fatal error: Can't load /www/fatehost.net/a/l/d/aldo/htdocs/{FILE_IM_ON}, open_basedir restriction. in Unknown on line 0
if i enable PHP open_basedir Tweak in cpanel, it disables all sites and none load, do note that the other tweak called Apache mod_userdir Tweak is also enabled.
Now i am wondering is if they both clash with each other to compete for the security ?
Anyone else noticed this also?
Info :
WHM 11.15.0 cPanel 11.18.6-S24255
CENTOS Enterprise 5 i686 on standard - WHM X v3.1.0
I am trying to use chdir() in one of my scripts. However, I am getting an open_basedir restriction error. I have checked the php.ini and the value is not set (which as I understand should disable open_basedir).
View 4 Replies View RelatedI have a Linux-Debian server, I have Apache2, PHP ect setup for a basic website im running on it too, However I need cURL enabled, I cant seem to find any options in the php.ini files to enable cURL at all.
I know that you just uncomment it to enable it however I dont see it at all, even it being disabled. I opened it in notepad and used the SEARCH feature and it couldnt find it eithier.
Do you know what cURL Library means?
I have seen that in apthost.com reseller plan.
I got some one to help me install cURL. Now all I have to do is change the permissions for the /usr/bin file for the crons and such.
View 2 Replies View RelatedI'm now running curl 7.18.1 and would like to donwgrade it to the previous version.
View 4 Replies View RelatedI have PHP 5.2.5 compiled with GD library working on my webserver,
yesterday i wanted to add Curl Support, so i had to recompile php.
I downloaded and installed Curl latest version and tried to recompile PHP :
'./configure'
'--prefix=/usr/local/php'
'--enable-discard-path'
'--disable-force-cgi-redirect'
'--enable-shared'
'--disable-static'
'--disable-debug'
'--disable-rpath'
'--enable-pic'
'--enable-inline-optimization'
'--enable-memory-limit'
'--with-gd'
'--with-png-dir'
'--with-jpeg-dir'
'--with-config-file-path=/etc'
'--with-config-file-scan-dir=/etc/php'
'--with-pear=/usr/share/pear'
'--enable-magic-quotes'
'--enable-debugger'
'--enable-track-vars'
'--with-exec-dir=/usr/bin'
'--with-versioning'
'--with-mod_charset'
'--with-regex=php'
'--enable-track-vars'
'--enable-trans-sid'
'--enable-safe-mode'
'--enable-ctype'
'--enable-ftp'
'--with-gettext=/usr'
'--enable-posix'
'--enable-session'
'--enable-sysvsem'
'--enable-sysvshm'
'--with-openssl=/usr'
'--without-kerberos'
'--with-freetype-dir=/usr'
'--with-zlib=/usr'
'--with-zlib=/usr'
'--with-zlib-dir=/usr'
'--with-zlib-dir'
'--enable-xslt'
'--with-xslt-sablot'
'--with-iconv-dir=/usr/local/lib'
'--with-mysql-sock=/var/lib/mysql/mysql.sock'
'--with-mysql'
'--enable-mbstring=all'
'--enable-fastcgi'
'--enable-discard-path'
'--enable-force-cgi-redirect'
'--with-curl=/usr/local/curl'
I can't get it working, this is the error i get :
..
checking for T1lib support... no
checking whether to enable truetype string function in GD... no
checking whether to enable JIS-mapped Japanese font support in GD... no
checking for fabsf... yes
checking for floorf... yes
If configure fails try --with-jpeg-dir=<DIR>
checking for png_write_image in -lpng... yes
If configure fails try --with-xpm-dir=<DIR>
If configure fails try --with-freetype-dir=<DIR>
configure: error: GD build test failed. Please check the config.log for
details.
I think i'm not the only one who is experiencing this problem, take a look here:
[url]
Why do PHP.net don't give much importance to this BUG?
I'm using the same OS : Centos 5
I wanna install curl on my server its Centos 4.5 and SL told me I have around 30K mails pending on the serve can anyone tell me how to remove them from pending?
View 6 Replies View RelatedI am trying to install curl on my server...
wget [url]
make
make install
ldconfig -v
This is what I haved done so far. Where do I go from here?
"Then use --with-curl in PHP's configure" this was the last step on the instructions but i do not know what it means.
I have been attempting to get curl installed on my server, but seem to have run into a snag. When I type:
curl-config --version
I get a response that I have: libcurl 7.16.0
However, when I try to install WHMCS, it still shows I do not have Curl with SSL support. I have used /scripts/easyapache, however there was never an option under 6 or 7 with CURL. I also tried with Cpanel WHM and used the Apache Update to 4.4.4 and checked both Curl options and OpenSSL. However still no luck.
I have also restarted services and rebooted the server.
after following the perfect server setup - centos5.2 guide I have setup a home server on my dsl connection and installed openfire with relative ease. I have a paid hosting server which runs my website but I want to have it access the userservice plugin of openfire to add/remove users (which is installed on my new home webserver).
After trying fopen and CURL to post GET data to my home server without any luck I did some reading and came accross the snoopy php class. The snoopy class now allows me to get the default apache test page on my home server but when i try to point snoopy to my openfire admin on port 9090 it throws up a timeout error (but i think this may be an error in the snoopy class?).
CURL and fopen allowed me to get data from google and some other sites but not from my home server.
CURL installed with SSL Support one of the programs I am trying to use on my servers needs the above programs. How do I find and install these? Running CentOS 5
View 5 Replies View Relatedhow many web hosts support cURL? Is it widely supported? Do LAMP setups come with this?
View 14 Replies View RelatedI'm trying to compile PHP with curl enabled but I cannot get it work.
Here is the part of config.log
....
configure:32740: checking whether to enable calendar conversion support
configure:32778: result: no
configure:33078: checking whether to enable ctype functions
configure:33116: result: yes
configure:33416: checking for cURL support
configure:33455: result: yes
configure:33464: checking if we should use cURL for url streams
configure:33482: result: no
configure:33492: checking for cURL in default path
configure:33497: result: found in /usr
configure:33515: checking for cURL 7.10.5 or greater
configure:33529: result: libcurl 7.15.5
configure:33538: checking for SSL support in libcurl
configure:33542: result: yes
configure:33560: checking how to run the C preprocessor
configure:33678: result: gcc -E
configure:33702: gcc -E conftest.c
configure:33708: $? = 0
configure:33740: gcc -E conftest.c
conftest.c:201:28: error: ac_nonexistent.h: No such file or directory
configure:33746: $? = 1
configure: failed program was:
| /* confdefs.h. */
|
| #define PACKAGE_NAME ""
| #define PACKAGE_TARNAME ""
| #define PACKAGE_VERSION ""
| #define PACKAGE_STRING ""
...
As you can see it shows "ac_nonexistent.h: No such file or directory" I installed both gcc and gcc-c++ libraries but it doesn't work.
PHP version is 5.2.6 and OS is CentOS 5 64bit
I have one server with multiple websites hosted on it. It's powered with Cpanel / WHM.
When I run the command 'wget mydomain.com' from this server, I download a Cpanel / WHM landing page instead of the actual homepage from mydomain.com.
I can successfully load mydomain.com in a browser. I can also run the 'wget' command from my local computer and download the correct homepage.
When I run this command from the server mydomain.com is hosted on, Apache returns the home page for the default virtual host for my IP address (ie. cpanel landing page). I encounter this same problem when using CURL or PHP Sockets.
I am behind a firewall. Could this be causing the issue? Does anyone have any ideas how I could fix this?
This is a big problem as I have websites that need to use a web service from a domain hosted on the same machine.
Im having problems configuring my shopping cart.
Im hosting with www.valueweb.com
Does anybody know what is the path to curl?
I called them but they gave me 2 paths and none of them work.