Mobile app version of vmapp.org
Login or Join
Hamm4606531

: CPanel PHP open_basedir warning to root directory - Any solution? I am currently hosting a simple multi-tenancy service on cPanel shared hosting, where customers who signed up will have a subdomain,

@Hamm4606531

Posted in: #Cpanel #Php #SharedHosting

I am currently hosting a simple multi-tenancy service on cPanel shared hosting, where customers who signed up will have a subdomain, directory and a database dynamically assigned to them (via XMLAPI):

Customer A subdomain directory7: /home/xxx/public_html/customers/custA/ (http://custA.abc.com),
Customer B subdomain directory: /home/xxx/public_html/customers/custB/ (http://custB.abc.com) etc.

All customers will be served with the same copy of the system files (except for their respective config file), so I created symlinks from my customers' subdomain directory to: /home/xxx/mainfiles/

However, I was greeted with PHP warnings as follows:

[17-Dec-2014 07:28:39 Europe/London] PHP Warning: Unknown: open_basedir restriction in effect. File(/home/xxx/mainfiles/index.php) is not within the allowed path(s): (/home/xxx/public_html/customers/custA:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp) in Unknown on line 0
[17-Dec-2014 07:28:39 Europe/London] PHP Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0
[17-Dec-2014 07:28:39 Europe/London] PHP Fatal error: Unknown: Failed opening required '/home/xxx/public_html/customers/custA/index.php' (include_path='.:/opt/alt/php54/usr/share/pear:/opt/alt/php54/usr/share/php') in Unknown on line 0


Therefore, I will need to call my web hosting company every single time I have a new customer signing up, to turn off this particular open_basedir parameter for the new customer's subdomain/directory.

The hosting company told me that the open_basedir parameter is configured per subdomain/directory, but cannot be configured per directory path (i.e. /home/xxx/mainfiles).

Are there any better way of doing this? Like using .htaccess or something...

My aims are:


System files must be secure, not directly accessible by users but only via subdomain calls - Thus I store it one level ABOVE public_html
I want to have a common folder where all my customer's subdomain directory will point to - So in the future I only need to do once changes for all customers
Customers can access the system upon successful sign-up
Remains to host in shared server hosting - Serving only small system file

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Hamm4606531

2 Comments

Sorted by latest first Latest Oldest Best

 

@Smith883

This sounds like an issue with the hosting company in my opinion. Who are you using? You should be able to modify your php.ini file across the board or at least find someone with this option set so it won't throw an error every time. Just a thought.

10% popularity Vote Up Vote Down


 

@Megan663

From Will Setting open_basedir in an .htaccess file completely limit a PHP scripts directory access? here is how you set the open_basedir for PHP in your .htaccess file:

php_flag open_basedir "/var/www/vhosts/mydomain.com/php_can_only_access_files_in_this_directory/"

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme