RevengeFNF Posted April 19, 2018 Posted April 19, 2018 15 minutes ago, Woodsman said: You need to reboot your server after making the php.ini changes to have them go into effect. Obviously if you can't reboot your server yourself you need to contact your host. You don't need to reboot the server, just restart php-fpm or apache, whatever you are using.
Woodsman Posted April 19, 2018 Posted April 19, 2018 1 minute ago, RevengeFNF said: You don't need to reboot the server, just restart php-fpm or apache, whatever you are using. Yes if you have independent access tools to restart separately I agree. As this goes in my case with my present host I can reboot from my hosting account but not via the WHM at present.
Restricted Content Posted April 19, 2018 Posted April 19, 2018 On 4/11/2018 at 3:09 PM, Adlago said: My host confirmed that open_basedir is enable. Nonetheless, I added to that in php ini: open_basedir = "/home/:/tmp" This did not remove a message. I added the same to in the admin folder php ini file and then a message has already been removed. Strange ... where is php ini? Thats my question.Then it says disable all this: exec, system, pcntl_exec, popen, proc_open, shell_exec I cannot find any of it.
Adlago Posted April 19, 2018 Posted April 19, 2018 php ini is in your root directory. Open it in Notepad++, and add disable_functions = exec,pcntl_exec,popen,proc_open,system, shell_exec open_basedir = "/home/:/tmp" upload again in root. I added also php ini in the admin directory. This removed messages in the ACP
opentype Posted April 19, 2018 Posted April 19, 2018 Check with your host (e.g. their support/FAQ area). You might not have access to the php.ini at all and so looking for the file might be pointless.
Restricted Content Posted April 19, 2018 Posted April 19, 2018 My host is about as useless as taking gasoline to put out a fire! Guess I will just take it down and use something else...Thanks for the help.
jcdesign Posted April 19, 2018 Posted April 19, 2018 For WHM user using Easy Apache. First enable PHP open_basedir Protection and save Go to MultiPHP INI Editor Mode and choose PHP version your site are on. Place this code somwhere in the php.ini editor and save: open_basedir = "/home/:/tmp" Go to Restart Services and press PHP-FPM (In my case) Restart and you are done! The message should disappear in your IPS ACP.
j4ss Posted April 19, 2018 Posted April 19, 2018 3 hours ago, Woodsman said: You need to reboot your server after making the php.ini changes to have them go into effect. Hi, what changes needed in php.ini? my php.ini file is "open_basedir = on"
AlexWright Posted April 19, 2018 Posted April 19, 2018 49 minutes ago, j4ss said: Hi, what changes needed in php.ini? my php.ini file is "open_basedir = on" That won't necessarily do anything. "open_basedir" is a command that gives permissions to certain files and folders. That's why: open_basedir = "/home/:/tmp" Works. It's giving that PHP the permissions only into /home/ (Implying subdirectories) and /tmp (implying no subdirectories).
Rhett Posted April 19, 2018 Posted April 19, 2018 Please consult with your server administrator, each case may be different and require a different setup/path/setting, based on many factors, you cannot simply provide one setting for everyone. Do not apply settings in this topic if you are not sure of what you are doing, doing so can cause security issues. You do not need to restart the server after applying the settings either, only php/apache
AlexWright Posted April 20, 2018 Posted April 20, 2018 2 minutes ago, Rhett said: Please consult with your server administrator, each case may be different and require a different setup/path/setting, based on many factors, you cannot simply provide one setting for everyone. Do not apply settings in this topic if you are not sure of what you are doing, doing so can cause security issues. You do not need to restart the server after applying the settings either, only php/apache This most of all.
opentype Posted April 20, 2018 Posted April 20, 2018 7 hours ago, AlienOrigins said: Guess I will just take it down and use something else... It’s just a helpful tip from IPS how to make your community website more secure. It is completely unrelated to the IPS software and not required by it.
Restricted Content Posted April 20, 2018 Posted April 20, 2018 3 hours ago, opentype said: It’s just a helpful tip from IPS how to make your community website more secure. It is completely unrelated to the IPS software and not required by it. Thanks....I got my host finally to edit the php ini everything is cool now.
Tracy Perry Posted April 20, 2018 Posted April 20, 2018 On 4/14/2018 at 1:55 PM, opentype said: Well, putting it on the dashboard is definitely working. We can tell from all the topics about people trying to set the additional security measures. ? Problem is... some of us run (admin) our own servers... and we DON'T have open_basedir enabled for a specific reason - same way with the "dangerous php functions" being enabled. I'm well aware of what I have enabled... I don't need a big old warning that can't be dismissed from something that doesn't know the why/how of my configuration. ?
bearback Posted April 20, 2018 Posted April 20, 2018 so can the warning be removed if you don't update open_basedir ? thank you
RevengeFNF Posted April 21, 2018 Posted April 21, 2018 5 hours ago, Tracy Perry said: Problem is... some of us run (admin) our own servers... and we DON'T have open_basedir enabled for a specific reason - same way with the "dangerous php functions" being enabled. I'm well aware of what I have enabled... I don't need a big old warning that can't be dismissed from something that doesn't know the why/how of my configuration. ? You can always open_basedir the whole server and the message will disappear.
Tracy Perry Posted April 21, 2018 Posted April 21, 2018 16 minutes ago, RevengeFNF said: You can always open_basedir the whole server and the message will disappear. Yes, but why should I have to?
RevengeFNF Posted April 21, 2018 Posted April 21, 2018 34 minutes ago, Tracy Perry said: Yes, but why should I have to? Because IPS decided to add a big warning
bfarber Posted April 23, 2018 Posted April 23, 2018 So, backing up, all we did was (1) move our security warnings/recommendations to the dashboard to give them more visibility, and (2) fixed some bugs causing some of the messages to be unreliable. Obviously this has worked, as evidenced by this thread...perhaps a little too well. We will be removing the open_basedir warning in an upcoming maintenance release, and allowing the other warnings to be dismissed for a short period of time.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.