I have read and followed this howto, but I'm pretty confused. I added the following php script in / var/www/web1/web/test.php and calling it from the browser I can read the contents of the entire server, including the document root of web2. PHP: <?php $dir = '/etc/httpd'; $files1 = scandir($dir); print_r($files1); ?> Output: Array ( [0] => . [1] => .. [2] => conf [3] => conf.d [4] => logs [5] => modules [6] => run ) How can I limit web1 only to its document root / var/www/web1/web/ ? Thanks
You can set open_basedir to /var/www/web1/web, e.g. with the line Code: exec /usr/bin/php-cgi -d open_basedir=/var/www/web1/web in your php-fcgi-starter script.