PHP open_basedir Tweak
For WHM version 11.28
(WHM >> Security Center >> PHP open_basedir Tweak)
tweak prevents users from browsing the file system using PHP. It does this by limiting PHP's access to the user's home directory, /tmp
, and a few necessary PHP system directories. If you wish to use the
tweak with a PHP handler other than DSO, you will need to manually specify the
directive in each user's
To prevent accounts from accessing foreign files using PHP:
- Click the Enable php open_basedir Protection checkbox at the top of the list.
- Select domains you wish to exclude, disabling protection for their files.
- Click Save.
How does it work?
PHP admin directives for
are added to each Virtual Host in
. These directives limit users' access via PHP to only the following directories:
- If php 4 is compiled into Apache, /usr/php4/lib/php and /usr/local/php4/lib/php
This security tweak modifies the Apache configuration file, regardless of the PHP handler currently selected. Apache configuration file directives for PHP only take effect if the DSO handler is selected. If PHP is configured to run as a CGI, suPHP, or FastCGI process, you must manually specify the
directive in the appropriate
file. Each user will need his or her own
file when using a PHP handler other than DSO.
Topic revision: r6 - 08 Jun 2011 - 20:40:39 - Main.RosieArcelay