Jump to content
Froxlor Forum
  • 0

open_basedir


Jason134

Question

Recommended Posts

On 1/10/2018 at 5:27 AM, Jason134 said:

enabled

Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini

how i should do?

Hi

Please I do not understand what's said here - does it mean if I have   "open_basedir" enabled, then Froxlor won't work well or what ?

Am asking this because I use my VPS for shared hosting and "open_basedir" is enabled.

My Machine config are - 
OS : CentOS 7.1
Web Server : Nginx Mainline
PHP 7.2
PHP-FPM

These are the major things I can remember off my head

Link to comment
Share on other sites

I also have the following functions disabled in my php.ini for  added security
disable_functions = exec,passthru,shell_exec,system,proc_open,popen,curl_exec, curl_multi_exec,parse_ini_file,show_source,scandir
disable_functions = php-info, fopen_with_path,dbmopen,dbase_open,putenv,filepro,filepro_rowcount,filepro_retrieve,posix_mkfifo


Hope they won't interfer with the smooth operations of FROXLOR

Link to comment
Share on other sites

3 hours ago, kingsley ezenwa said:

Please I do not understand what's said here - does it mean if I have   "open_basedir" enabled, then Froxlor won't work well or what ?

Yes, but you only need to disable it for froxlor and not globally for all vhosts

Link to comment
Share on other sites

On 1/28/2018 at 3:08 AM, d00p said:

You can only disable it separatly if you are using php-fpm or FCGID. Otherwise it's global.

What it does, what happens, see http://php.net/manual/en/ini.core.php#ini.open-basedir

Sorry but seems i wasn't clear enough on my question.

If I disable Open_BaseDir globally via my php.ini in /etc folder, would my server have any negative security hole for any of the VirtualHosts on the server.
I love to have less services/scripts active as that means less things to interfere/break.
So Can I just Globally disable Open_BaseDir via /etc/php.ini and still be protected against any security issue.

I wanted to just disable open_basedir globally via /etc/php.ini and let FroxLor do it's thing and still remain safe.

In other words, Would you d00p disable open_basedir globally via /etc/php.ini in a shared host environment  and let or whatever SharedHosting script  like Froxlor, ISPConfig, etc manage things it's self.? 

Link to comment
Share on other sites

I would definetly NOT disable open_basedir in a shared hosting Environment...i also suggest the usage of fcgid or php-fpm as this way:

- the PHP process runs under the customers User

- you can define PHP.ini's on a per domain basis (this can be done via froxlor)

 

 

Link to comment
Share on other sites

Hello Friends, trust you are good ? Please i need a support on Froxlor Installation.

I installed Froxlor on Cpanel but i can not proceed further.

On 1/10/2018 at 2:27 PM, Jason134 said:

Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini 

also, the GUI is showing:- PHP posix-extension...not installed.

 

As this junction, please what should I do? Am a Newbie and script Kidddes. Thank you

 

Screenshot_2018-09-15 Froxlor Server Management Panel - Installation.png

Link to comment
Share on other sites

On 1/29/2018 at 9:57 PM, d00p said:

I would definetly NOT disable open_basedir in a shared hosting Environment...i also suggest the usage of fcgid or php-fpm as this way:

- the PHP process runs under the customers User

- you can define PHP.ini's on a per domain basis (this can be done via froxlor)

 

 

Hi

Thanks for your response.
Just to be sure I understood you right, I will do the following

1. Go into /etc/php.ini file and uncomment open_basedir  .
2. Go ahead and install Froxlor normally on my CentOS server + Nginx + PHP-FPM and let Froxlor handle the rest.

Hope that's all

Link to comment
Share on other sites

21 minutes ago, d00p said:

Really? You do not know how to edit a file on your server? Please consider getting a real linux-sysadmin...you do not seem to know what you are doing

 

24 minutes ago, d00p said:

You edit the php.ini ans restart the Webserver. If you use fcgid or php-fpm you can adjust These settings in froxlor itself.

 

29 minutes ago, d00p said:

You edit the php.ini ans restart the Webserver. If you use fcgid or php-fpm you can adjust These settings in froxlor itself.

i edit php.ini 

; precision.
serialize_precision = -1

; open_basedir, if set, limits all file operations to the defined directory
; and below.  This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file.
; http://php.net/open-basedir

; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names.

 

 

but no change !

Screenshot_2018-01-10-22-05-09.png

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...