Tutorial how to enabled PHP open_basedir in CWP Control panel.
Enabled PHP open_basedir in CWP Linux Server.
We have two options:
1) global config, one config file in the include folder /usr/local/php/php.d/ and in php selector include folders
2) per user config, the securest option as it restricts user to his /home/USERNAME folder and also disables users from using a custom php.ini files.
The securest method do this correctly and to prevent users from overriding this is to place the config into the include file. Please note that if you set this into /usr/local/php/php.ini then custom user php.ini will be able to disable it. Please note that global config allows full /home folder access while per user restricts users to /home/USERNAME folder which is much more secure.
One line command to create a file and config:
echo "open_basedir = /home:/tmp:/var/tmp:/usr/local/lib/php/" >/usr/local/php/php.d/open_basedir.ini
You can also do it by yourself by creating a file with the following content:
open_basedir = /home:/tmp:/var/tmp:/usr/local/lib/php/
Per User open_basedir:
To enable per user open_basedir you can create php.ini file in the users /home folder.
Please note that this option will also disable all further custom users php.ini files per folder, example: /home/USERNAME/public_html/php.ini will not be loaded.
You can also place it into public_html folder.
but then users will be able to run custom php.ini files per folder and they can disable open_basedir.
We hope you enjoy using php in cwp.