Occasionally website owners report the error “Warning: realpath() [function.realpath]: open_basedir restriction in effect. File(/path/to/file) is not within the allowed path(s)” displayed for their websites in Odin Plesk servers.
It usually happens after installing an application or a site upgrade, and causes the website to crash with this error.
What is this error?
open_basedir is a PHP feature to restrict the directories a PHP application can access. So, even if an application vulnerability allows an attacker to control the application, it cannot access critical server files.
By default Plesk limits PHP access of each account to its web-root and /tmp folder. So, when an application requires access to an outside folder, like “/usr/lib/php/modules” where a PHP library or a function is defined, the open_basedir restriction will cause this error.
How to fix this error?
There two broad ways in which this error can be resolved:
1. Disabling the open_basedir setting.
2. Adding the required path to the allowed paths in open_basedir
See how we add value to your business!
Disabling open_basedir setting
open_basedir can be disabled either globally or specifically for one user. This is done by changing the value of open_basedir to “none” as shown below:
Edit HTTPD_VHOSTS_D/your_domain.com/conf/vhost.conf and HTTPD_VHOSTS_D/your_domain.com/conf/vhost_ssl.conf, and add the below line to it:
php_admin_value open_basedir none
However, this is NOT RECOMMENDED for any server, especially in shared servers. The better way is to add the additional file location in the default path list.
[ Take care of your customers, before your competitors do. Get world-class support specialists to delight your customers. ]
Appending the allowed path list
You can get the application to run safely by adding the new file path to the existing open_basedir path list as shown below:
Edit HTTPD_VHOSTS_D/your_domain.com/conf/vhost.conf and HTTPD_VHOSTS_D/your_domain.com/conf/vhost_ssl.conf, and add the below line to it: php_admin_value open_basedir HTTPD_VHOSTS_D/your_domain.com/httpdocs:/tmp:/NEW_FILE_PATH
Once these files are edited, you need to reconfigure the web server as shown below:
In Plesk versions 9.x and older run the command: # /usr/local/psa/admin/sbin/websrvmng -a -v In Plesk 10.x, run the command: # /usr/local/psa/admin/sbin/httpdmng --reconfigure-all
Once this is done, use a phpinfo file to check if the setting has taken effect. Put the code below in a php file in the web root to see the setting:
phpinfo();
Web application configuration can fail due to a variety of reasons in a Odin Plesk environment. Bobcares helps Plesk webmasters quickly resolve a web application configuration issue, thereby minimizing business downtime.
0 Comments