How to Relax PHP'S Open_Basedir Restriction

How can I relax PHP's open_basedir restriction?

You can also do this easily on a per-directory basis using the Apache (assuming this is your web server) configuration file (e.g. httpd.conf)

<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/domain.tld/httpdocs:/var/www/vhosts/domain.tld/zend"
</Directory>

you can also completely remove the restriction with

<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir none
</Directory>

open_basedir restriction in effect

If it's your server and you can actually mess around with configuration, you can turn off the open_basedir in your php.ini, reload PHP and try if it works. safe_mode should be turned off in PHP by default as this option causes only problems.

Or you can try following:

<Directory /var/www/vhosts/domain.com/httpdocs>
    php_admin_value open_basedir "/var/www/vhosts/domain.com/httpdocs/:/tmp/:/var/www/vhosts/domain.com/uploads/"
</Directory>

Same can apply for the php.ini if you decide to set the config there.

open_basedir restriction in effect and subdomains

I found the answer. You have to specify the different modules or else simply editing the vhost file doens't have much of an effect. This is to turn off the open_basedir but you can edit the settings accordingly.

<Directory /var/www/vhosts/YOURDOMAIN.COM/subdomains/YOUSUBDOMAIN/httpdocs>
  <IfModule sapi_apache2.c>
  php_admin_value open_basedir none
</IfModule>
<IfModule mod_php5.c>
  php_admin_value open_basedir none
  </IfModule>
</Directory>

then

# /usr/local/psa/admin/bin/websrvmng --reconfigure-vhost --vhost-name=YOURDOMAIN.COM
# apachectl stop
# apachectl start

Full article can be found here: http://prattski.com/2008/09/13/plesk-open_basedir-fix/

PHP error : open_basedir restriction in effect

First, 777 permissions are bad, even on localhost where there is limited external access. Changing File Permissions « WordPress Codex for the correct and secure permissions scheme.

Second, open_basedir restriction in effect is a PHP configuration error. You need to make changes in httpd.conf. You need to find the location of httpd.conf for your OS and Apache.

See http://php.net/manual/en/ini.core.php#ini.open-basedir :

In httpd.conf, open_basedir can be turned off (e.g. for some virtual
hosts) the same way as any other configuration directive with
"php_admin_value open_basedir none"

Is there any way I can bypass symlinks from php open_basedir?

There is no way to bypass the open_basedir restriction, no. However, you could just include the additional symlink path to your open_basedir since it can accept more than just one path.

open_basedir=/var/www/abc/public_html:/var/www/abc/files

All symbolic links are resolved, so it's not possible to avoid this restriction with a symlink.

PHP Manual: open_basedir

What you have to keep in mind is that open_basedir allows everything in a given path. So that means once access is granted to the path /var/www/abc/files, everything in that path like /var/www/abc/files/foo, /var/www/abc/files/bar, etc... is also allowed.


Related Topics

PHP: How to Read a .Txt File from Ftp Server into a Variable

PHP Password_Hash(), Password_Verify()

Why Is Register_Globals So Bad

Call to Undefined Function Oci_Connect()

PHP - How to Merge Arrays Inside Array

PHP Max_Input_Vars

Convert Var_Dump of Array Back to Array Variable

How to Write to the Console in PHP

Get Absolute Path of Initially Run Script

What Is the Function _Construct Used For

Error: "Input Is Not Proper Utf-8, Indicate Encoding !" Using PHP'S Simplexml_Load_String

Do I Have to Guard Against SQL Injection If I Used a Dropdown

PHP: Writing a Simple Removeemoji Function

PHPunit Assert That an Exception Was Thrown

Netbeans Shows "Waiting For Connection (Netbeans-Xdebug)"

How to Remove HTML Special Chars

Difference Between Session_Unset() and Session_Destroy() in PHP

What Is a Front Controller and How Is It Implemented


Leave a reply



Submit