Hi.
Is there a way to automatically add open_basedir for site folder when I create site by panel?
OpenLiteSpeed does not support this yet.
Wow… But… How can I prevent access to a site folder by other users? Is this normal - Screenshot by Lightshot ?
In my opinion it’s not normal that I have access to privkey.pem, weadmin.csr, and other files in the root of the your demo server…
I also noticed that, the privkey.pem is put under the root dir, but guess these keys/crts are self-signed by cyberpanel rather than by the users of/or the domains.
We must deny read/write access by PHP to any files and folders outside of the site’s directory. And only one question - how? Without this OpenLiteSpeed cannot be used in production.
+1 - wasn’t sure it allowed access like this
For security is essential that open_basedir protection can be enabled server-wide by default from the security menu. Now we can’t even view somewhere if we have some website unprotected, that’s an invite for any child who dreams to hack some.