Can I add open_basedir for site? · CyberPanel Community

ne

nevigen Apr 02, 2018 #1

Hi.

Is there a way to automatically add open_basedir for site folder when I create site by panel?

us

usmannasir Apr 02, 2018 #2

OpenLiteSpeed does not support this yet.

ne

nevigen Apr 02, 2018 #3

Wow… But… How can I prevent access to a site folder by other users? Is this normal - Screenshot by Lightshot ?

ne

nevigen Apr 02, 2018 #4

In my opinion it’s not normal that I have access to privkey.pem, weadmin.csr, and other files in the root of the your demo server…

ba

baoang Apr 03, 2018 #5

I also noticed that, the privkey.pem is put under the root dir, but guess these keys/crts are self-signed by cyberpanel rather than by the users of/or the domains.

ne

nevigen Apr 03, 2018 #6

We must deny read/write access by PHP to any files and folders outside of the site’s directory. And only one question - how? Without this OpenLiteSpeed cannot be used in production.

je

jetchirag Apr 04, 2018 #7

+1 - wasn’t sure it allowed access like this

Cy

CyberPanel May 28, 2018 #8

ch

chiareu Feb 24, 2020 #9

For security is essential that open_basedir protection can be enabled server-wide by default from the security menu. Now we can’t even view somewhere if we have some website unprotected, that’s an invite for any child who dreams to hack some.