Can I add open_basedir for site?


Is there a way to automatically add open_basedir for site folder when I create site by panel?

OpenLiteSpeed does not support this yet.

Wow… But… How can I prevent access to a site folder by other users? Is this normal - Screenshot by Lightshot ?

In my opinion it’s not normal that I have access to privkey.pem, weadmin.csr, and other files in the root of the your demo server…

I also noticed that, the privkey.pem is put under the root dir, but guess these keys/crts are self-signed by cyberpanel rather than by the users of/or the domains.

We must deny read/write access by PHP to any files and folders outside of the site’s directory. And only one question - how? Without this OpenLiteSpeed cannot be used in production.

+1 - wasn’t sure it allowed access like this

For security is essential that open_basedir protection can be enabled server-wide by default from the security menu. Now we can’t even view somewhere if we have some website unprotected, that’s an invite for any child who dreams to hack some.