Tutorial how to enabled PHP open_basedir in CWP Control panel.
Enabled PHP open_basedir in CWP Linux Server.
We have two options:
1) global config, one config file in the include folder /usr/local/php/php.d/ and in php selector include folders
2) per user config, the securest option as it restricts user to his /home/USERNAME folder and also disables users from using a custom php.ini files.
Global Configuration:
The securest method do this correctly and to prevent users from overriding this is to place the config into the include file. Please note that if you set this into /usr/local/php/php.ini then custom user php.ini will be able to disable it. Please note that global config allows full /home folder access while per user restricts users to /home/USERNAME folder which is much more secure.
One line command to create a file and config:
echo "open_basedir = /home:/tmp:/var/tmp:/usr/local/lib/php/" >/usr/local/php/php.d/open_basedir.ini You can also do it by yourself by creating a file with the following content:
open_basedir = /home:/tmp:/var/tmp:/usr/local/lib/php/ Per User open_basedir:
To enable per user open_basedir you can create php.ini file in the users /home folder.
Please note that this option will also disable all further custom users php.ini files per folder, example: /home/USERNAME/public_html/php.ini will not be loaded.
You can also place it into public_html folder.
but then users will be able to run custom php.ini files per folder and they can disable open_basedir.
We hope you enjoy using php in cwp.
