For cPanel & WHM 11.44
(Home >> Security Center >> PHP open_basedir Tweak)
open_basedir tweak limits users' ability to browse the file system with PHP. It prevents PHP's access to the user's home directory,
/tmp, and some necessary PHP system directories. This protects foreign files from PHP access.
This security tweak modifies the Apache configuration file, regardless of the PHP handler that you have selected.
- Apache configuration file directives for PHP only take effect if you select the DSO handler.
- If you have configured PHP to run as a CGI, suPHP, or FastCGI process, you must manually specify the
open_basedirdirective in the appropriate
php.inifile. Users must each have their own
php.inifiles when they use a PHP handler that is not DSO.
Enable the open_basedir tweak
To enable the
open_basedir tweak, perform the following steps:
- Select the Enable php open_basedir Protection checkbox.
- Select the domains that you wish to exclude, and disable protection for their files.
- Click Save.
When you enable the
open_basedir tweak, the system adds PHP admin directives to each Virtual Host in the
These directives limit users' PHP access to the following directories:
If PHP 4 is compiled into Apache, users can also access the following directories: