Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== How to enable open_basedir to work with LSPHP and EA4 ======
+With the introduction of EasyApache 4, WHM’s user_basedir tweak now requires some configuration to be enabled. It is highly recommended to use user_basedir to prevent clients from running PHP scripts which they do not own.
+===== What is open_basedir? =====
+Open_basedir is a PHP setting that limits the files that can be accessed by PHP to the specified directory-tree, including the file itself.
+===== How to check if open_basedir is enabled? =====
+To check if open_basedir is enabled, create a phpinfo page and search for open_basedir. If open_basedir is set to a value other than "no value", it is enabled.
+===== Setup =====
+*NOTE* If you already have a PHP DSO handler installed you can skip to step 9
+. Login to the WHM admin panel.
+. Navigate to **Software -> EasyApache 4**
+. Under “Currently Installed Packages”, select “Customize”
+. Select “PHP Extensions”
+. Search for ‘phpXX-php, where XX is the PHP version number, and toggle the switch so that it appears blue and says “Install”<html><br></html>
+*NOTE* If it says “this will remove a package”, this can mean that you already have a DSO handler installed and can skip to step 9
+. Select “Review"
+. After confirming that everything looks correct, click on “Provision”
+. Click “Done”
+. Navigate to **Security Center -> PHP open_basedir tweak**
+. Tick the checkbox that says “Enable php open_basedir Protection”
+. Save your changes
+That’s it, all done! Users are now prevented from running PHP scripts outside of their home directory.