====== How to enable open_basedir to work with LSPHP and EA4 ======
With the introduction of EasyApache 4, WHM’s user_basedir tweak now requires some configuration to be enabled. It is highly recommended to use user_basedir to prevent clients from running PHP scripts which they do not own.

===== What is open_basedir? =====
Open_basedir is a PHP setting that limits the files that can be accessed by PHP to the specified directory-tree, including the file itself.

===== How to check if open_basedir is enabled? =====
To check if open_basedir is enabled, create a phpinfo page and search for open_basedir. If open_basedir is set to a value other than "no value", it is enabled.

===== Setup =====
*NOTE* If you already have a PHP DSO handler installed you can skip to step 9

1. Login to the WHM admin panel.
   
2. Navigate to **Software -> EasyApache 4**

3. Under “Currently Installed Packages”, select “Customize”
   
4. Select “PHP Extensions”
   
5. Search for ‘phpXX-php, where XX is the PHP version number, and toggle the switch so that it appears blue and says “Install”<html><br></html>
*NOTE* If it says “this will remove a package”, this can mean that you already have a DSO handler installed and can skip to step 9

6. Select “Review"
   
7. After confirming that everything looks correct, click on “Provision”
   
8. Click “Done”
   
9. Navigate to **Security Center -> PHP open_basedir tweak**
   
10. Tick the checkbox that says “Enable php open_basedir Protection”
   
11. Save your changes

That’s it, all done! Users are now prevented from running PHP scripts outside of their home directory.