ServerBuddies Support Blog

How PHP open_basedir works ?

PHP admin directives for open_basedir are added to each Virtual Host in httpd.conf. These directives limit users’ access via PHP to only the following directories:

Cpanel PHP open_basedir Tweak

open_basedir: A feature that uses PHP to prevent users from opening files outside their home directories. This can be enabled using WHM’s PHP open_basedir Tweak feature.

This parameter allows you to limit file operations to a specific directory. Attackers will often attempt to find ways to include local files in PHP scripts to gain information about your server’s filesystem.

The open_basedir tweak prevents users from browsing the file system using PHP. It does this by limiting PHP’s access to the user’s home directory, /tmp, and a few necessary PHP system directories. If you wish to use the open_basedir tweak with a PHP handler other than DSO, you will need to manually specify the open_basedir directive in each user’s php.ini file.

To prevent accounts from accessing foreign files using PHP:

#Click the Enable php open_basedir Protection checkbox at the top of the list.
#Select domains you wish to exclude, disabling protection for their files.
#Click Save.

How to modify the open_basedir setting for one domain

To change the open_basedir value when using php in CLI mode (not suPhp), you can do so by going to:

Admin Level -> Custom httpd configuration -> domain.com

In the top text area, insert this one line:

which is the default value in the templates. Edit the paths in that line to meet your needs.

Source: http://directadmin.com

How to modify the open_basedir setting for one domain in DirectAdmin

To change the open_basedir value when using php in CLI mode (not suPHP), you can do so by going to:

Admin Level -> Custom httpd configuration -> domain.com

In the top text area, insert this one line:

which is the default value in the templates. Edit the paths in that line to meet your needs.

Source : http://directadmin.com/