Warning** : file_exists(): open_basedir restriction in effect. After upgrading to version 2.3 (Build 3)

khongngu · March 30, 2023, 3:14am

I just upgraded version 2.3 (Build: 2) to version 2.3 (Build 3) but when I create a new website and go to wp-admin, I get the following error message:

Warning : file_exists(): open_basedir restriction in effect. File(/home/domain.com/public_html/wp-content/db.php) is not within the allowed path(s): (/tmp:/home/domain.com/) in /home/domain.com/public_html/wp-includes/load.php on line 569

josephgodwinke · March 30, 2023, 3:45am

Hello @khongngu

Go to List Websites → yourdomain.com → open_basedir and disable it

khongngu · March 30, 2023, 4:15am

Thank @josephgodwinke , I enabled the “open_basedir Protection” function when creating a new website. And also go to the enable operation as shown in the picture. But the error is still the error!

khongngu · March 30, 2023, 4:20am

This is the content of my “vHost Conf” file

docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails [email protected]
enableGzip 1
enableIpGeo 1

index {
useServer 0
indexFiles index.php, index.html
}

errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}

accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat “%h %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i””
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}

scripthandler {
add lsapi:quang4473 php
}

extprocessor quang4473 {
type lsapi
address UDS://tmp/lshttpd/quang4473.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp80/bin/lsphp
extUser quang4473
extGroup quang4473
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 400
procHardLimit 500
}

phpIniOverride {
php_admin_value open_basedir “/tmp:$VH_ROOT”
php_admin_value open_basedir “/tmp:$VH_ROOT”
}

module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}

rewrite {
enable 1
autoLoadHtaccess 1
}

context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1

rewrite {

}
addDefaultCharset off

phpIniOverride {
php_admin_value open_basedir “/tmp:$VH_ROOT”
php_admin_value open_basedir “/tmp:$VH_ROOT”

}
}
vhssl {
keyFile /etc/letsencrypt/live/domain.com/privkey.pem
certFile /etc/letsencrypt/live/domain.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}

josephgodwinke · March 30, 2023, 4:20am

Remove this value and disable open_basedir as advised here Warning** : file_exists(): open_basedir restriction in effect. After upgrading to version 2.3 (Build 3) - #2 by josephgodwinke

khongngu · March 30, 2023, 5:53am

Thank @josephgodwinke
I followed you, delete the line

php_admin_value open_basedir “/tmp:$VH_ROOT”
php_admin_value open_basedir “/tmp:$VH_ROOT”

Then disable the open_basedir
The bug issue has been resolved, but does that have any security implications?

josephgodwinke · March 30, 2023, 6:37am

Limit the files that can be accessed by PHP to the specified directory-tree, including the file itself.
When a script tries to access the filesystem, for example using include, or fopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to access it. All symbolic links are resolved, so it’s not possible to avoid this restriction with a symlink. If the file doesn’t exist then the symlink couldn’t be resolved and the filename is compared to (a resolved) open_basedir

system · March 30, 2023, 5:06pm

This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.