Public Forums 71,145 posts

[biwebco Friend biwebcoJoin date: October 2009Posts: 4Downloads:0Uploads:0 Thanks: 3]

#158348

Hi all!

I have some problems while updating any item(module, plugin, theme, etc…). It’s good seen on screenshot:

So, I think that it is a Joomla problem – but all paths in configuration.php are good. Please help me to fix this.

Best regards.

[Phill Moderator PhillJoin date: February 2014Posts: 7013Downloads:40Uploads:77 Thanks: 917 Thanked: 2206 times in 1818 posts]

#370324

He we go, this will be a long answer. If you do not understand it then you will need to speak to your host. It was written with wp in mind but applies to any PHP script.

PHP open_basedir protection tweak is a Safe Mode security measure that prevents users from opening files or scripts located outside of their home directory with PHP, unless the folder has specifically excluded. PHP open_basedir setting if enabled, will ensure that all file operations to be limited to files under certain directory, and thus prevent php scripts for a particular user from accessing files in unauthorized user’s account. When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified or permissible directory-tree, PHP will refuse to open it and the following errors may occur:
Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/home/user_name/public_html/wp-content/uploads/2006/12/picture.jpg) is not within the allowed path(s): (/home/user_name:/usr/lib/php:/usr/local/lib/php:/tmp) in /home/user_name/public_html/wp-admin/inline-uploading.php on line 226
The above error message appears on a Apache httpd web server error log (error_log) hosting WordPress blog. However, the problem may happen to all system or websites that use PHP as scripting language.
The solution or workaround to open_basedir restriction problem is that disable the PHP open_basedir protection altogether, or to exclude the protection for certain privileged user accounts, or to allow access to the additional directory for PHP scripts.
If you’re using cPanel WebHost Manager (WHM), you can easily disable PHP open_basedir protection or exclude certain users from the protection with WHM. Simply go to “Tweak Security” under the “Security” section, then select “Configure” link for “Php open_basedir Tweak”. Inside it, you can enable or disable php open_basedir Protection, or exclude and include hosts from the protection.
If you’re using Plesk hosting control panel, you may need to manually edit Apache configuration file of vhost.conf and vhost_ssl.conf, and add in or edit the following php_admin_value open_basedir lines to the following:
<Directory /full/path/to/the/directory/httpdocs>
php_admin_value open_basedir none
</Directory>
<Directory /full/path/to/the/directory/httpdocs>
php_admin_value open_basedir /full/path/to/dir:/full/path/to/directory/httpdocs:/tmp
</Directory>
Note: For SSL hosts in the vhost_ssl.conf file, the Directory path will end with “httpsdocs” instead of “httpdocs”.
The paths (above is example only and to be replaced with real path) that behind open_basedir are the directories that specifically allowed for the PHP scripts in the vhost domain account to access, so you can add in more directories that files are been stored and needed to be opened by PHP, each seperated by color “:”. But be careful as it might expose your system to security fraud.
Once done, run the command below to make the changes effective, and then restart Apache httpd web server (apache2ctl restart or httpd restart):
$PRODUCT_ROOT_D/admin/sbin/websrvmng -v -a
If you have to manually edit the Apache configuration file to disable PHP open_basedir protection, simply open up the httpd.conf file, and search for the lines that starts with the following characters:
php_admin_value open_basedir …..
Replace the whole line under the virtual host for the domain user account that you want to disable protection with the following line to disable it:
php_admin_value open_basedir none
You can also opt to allow your PHP scripts to access additional directory instead without disabling the protection. Additional directory can be added to the line, separated with color “:”. For example, to add /new_directory to the allow list:
php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp”
php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp:/new_directory”
Restart the Apache after finished editing. Note that the directory allowed list restriction above is actually a prefix, not a directory name. This means that “open_basedir = /dir/incl” also allows access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: “open_basedir = /dir/incl/”.

1 user says Thank You to Phill for this useful post

1. biwebco

[biwebco Friend biwebcoJoin date: October 2009Posts: 4Downloads:0Uploads:0 Thanks: 3]

#370325

Ok, big thanks for the excellent explanation! I think that now i can disable open_basedir simple. But I afraid that script want to do something in tha path / – in the root directory of file system. Why it goes here?:confused:

[Phill Moderator PhillJoin date: February 2014Posts: 7013Downloads:40Uploads:77 Thanks: 917 Thanked: 2206 times in 1818 posts]

#370327

It is the /tmp folder and a few others, not in the root. Look at the paths in your error messages and just add those.

[biwebco Friend biwebcoJoin date: October 2009Posts: 4Downloads:0Uploads:0 Thanks: 3]

#370387

phill luckhurst

Could you explain me please – what paths should I add? I really don’t understand that – I think that “File(/)” means that script wants to do smth. in the / path… may be I make a mistake…

[Author]

Posts