Php ini open basedir disable

Disable open_basedir in cPanel for error open_basedir restriction in effect

This tutorial explains how to adjust open_basedir attribute in PHP configuration and in case of shared hosting, learn to disable open_basedir via cPanel.

Question: Recently I worked for a client to install Datawrapper application on his Debian Jessie shared hosting server. I did follow all the steps given in the installation manual, but the application failed due to PHP fatal error and the warning hinted “require_once(): open_basedir restriction in effect“.

Below is the snapshot from the web server log.

[18-Feb-2017 15:28:08 UTC] PHP Warning: require_once(): open_basedir restriction in effect. File(/data/web/html/datawrapper/vendor/autoload.php) is not within the allowed path(s): (/data/web/html/datawrapper/www:/data/web/e26373/phpsession:/data/web/phptmp:/tmp:/usr/bin) in /data/web/html/datawrapper/www/index.php on line 14 [18-Feb-2017 15:28:08 UTC] PHP Warning: require_once(/data/web/html/datawrapper/vendor/autoload.php): failed to open stream: Operation not permitted in /data/web/html/datawrapper/www/index.php on line 14 [18-Feb-2017 15:28:08 UTC] PHP Fatal error: require_once(): Failed opening required '../vendor/autoload.php' (include_path='.') in /data/web/html/datawrapper/www/index.php on line 14

Solution: By analyzing the error, it shows that a security feature called open_basedir has been enabled. It is primarily used to prevent the web server user from accessing the files stored outside the directory that’s set in open_basedir. So in your case, it looks like open_basedir is set to /data/web/html/datawrapper/www directory and the index.php is trying to access vendor/autoload.php file which is outside the basedir.

Solution 1: Set open_basedir to point to /data/web/html/datawrapper in php.ini

open_basedir = "/data/web/html/datawrapper"

In case of shared hosting, you may not be able to make changes to php.ini or create one for your account. So follow the solution 2.

How to disable open_basedir via cPanel?

Solution 2: Go to cPanel and look out for PHP Settings. Open the settings of the default PHP version and disable open_basedir feature.

Now, try accessing the application and it should work.

Источник

How to disable the PHP open_basedir restriction for a specific domain in Plesk

Learn how to disable the accesibility protection of open_basedir in PHP in a specific domain in Plesk.

In PHP, the directive open_basedir of the php.ini configuration specifies a limit of the directories and files that can be accessed by PHP to the specified directory-tree, including itself. In the background, this functionality works like this, for example, when you try to read a file using include, fopen, file_get_contents, the location of the file is checked, so if the file location is outside of the specified directory-tree in open_base_dir, PHP will refuse to access it, making your code fail (symbolic links are resolved, so you can’t circumvent this restriction doing this).

In the Plesk environment, for some administrators, this could mean that Project A located in Directory A, wouldn’t be able to access the files of Project B located in Directory B. In some cases, it’s necessary for interoperability.

Understanding what the limitation is

Assume that the following PHP file is hosted at projecta.mydomain.com at a Plesk server. What this basically does is to read a file from Project B inside a PHP file located at Project A:

If you run the code from the first application, the following errors will appear if you have the default open_basedir configured:

Warning: file_get_contents(): open_basedir restriction in effect. File(/var/www/vhosts/projectb/filefromb.txt) is not within the allowed path(s): (/var/www/vhosts/projecta/:/tmp/) in /var/www/vhosts/projecta/index.php on line 16 Warning: file_get_contents(/var/www/vhosts/projectb/filefromb.txt): failed to open stream: Operation not permitted in /var/www/vhosts/projecta/index.php on line 16

The solution, would be to add the directory of projectb to the open_basedir of projecta.

Try to specify the required directories in the directive

As a recommendation, you shouldn’t remove this protection basically because if you are the administrator of a Plesk server, where some of the owners of the projects that you host, have access to the code, they would simply have access to areas and files of your server that they simply shouldn’t. So, if you know the directory that you need to access, grant the access by adding the parameter to the open_basedir directive. Navigate to your domain and open the PHP settings:

To separate directories, use a colon (:) on Linux and a semicolon (;) on Windows. For example, if you want the project to be able to access the directory /var/www/vhosts/projectb , add in Windows ;/var/www/vhosts/projectb or in Linux :/var/www/vhosts/projectb . Always try to add the directories that you need and you won’t have any trouble, you may deal however with the permissions of the file (chmod), but that’s another history.

Disable open_basedir restriction

We make emphasis this approach once again unless you really know that there should be no limitation of access of the PHP code hosted on the server, don’t remove the restriction.

If you want to continue because you know what you’re doing, the solution isn’t the one you expect with the regular configuration of PHP. In PHP is possible to remove the open_basedir limitation by setting its value to «none» in the php.ini, so you may do the same thing in Plesk. To remove the open_basedir restriction, set its value in Plesk going to the PHP Setting of your domain:

Important note

Now, to understand what’s going on now after disabling the open_basedir restriction is that you won’t have anymore the warning of open_basedir restriction in effect, however, if you try to access a file that is inside a directory whose permissions don’t allow you to access the file (e.g 710) even though the file has 777, you won’t be able to access it.

Источник

Vesta Control Panel — Forum

i tried to disable open_basedir with php.ini .but it didn’t changed .

My current vestacp information :
PHP 7
Centos 7.3

This has been discussed many a times if you cared to search
https://www.google.com/search?q=vestacp+open_basedir

TIP**
in your /home/vestauser/conf/web/apache2.conf file you need to comment this line or adjust access to directories as needed.

php_admin_value open_basedir . 

Re: How can i disable open_basedir settings.

Post by beef » Fri Oct 27, 2017 8:21 pm

/usr/local/vesta/data/templates/web/apache2/default.tpl /usr/local/vesta/data/templates/web/apache2/default.stpl 

rebuild the user profile afterwards via the dashboard to automatically update already created config files

Re: How can i disable open_basedir settings.

Post by Akalanka » Fri Nov 03, 2017 8:42 am

So the issue was fixed:

The file to edit was:
/home/admin/conf/web/httpd.conf
And I had to comment php_admin_value open_basedir “none” to
php_admin_value open_basedir /home/admin/web/xxx.com/public_html:/home/admin/tmp

Save and restart your apache web server using
service httpd restart

plutocrat Posts: 232 Joined: Fri Jan 27, 2017 9:16 am
Os: Ubuntu 17x Web: apache + nginx

Re: How can i disable open_basedir settings.

Post by plutocrat » Mon Nov 06, 2017 4:15 am

Note that your changes will disappear if you ever rebuild the web config. To make the changes permanent you need to also edit the template files that are used to rebuild the config as suggested above.

Even better, copy the templates to new files, edit those, and then select the template from the control panel.

Источник