Hello, I have a bunch of servers with 3 drives: 25GB for the Debian6/7 OS and 2 1TB drives for site content/backup. I folllowed these instructions: https://www.howtoforge.com/use_moun...ctory_of_a_ispconfig_server_to_a_new_location All seemed to be working fine until I installed the "amember_remote" script which attempts to protect a directory/folder. The script is at the same level as the directory I am attempting to protect, both are in web (web/amember_remote and web/members) ... I can not "bounce up" (get into) the web directory in order to select members for protection and error log shows: [Wed Feb 25 00:42:36 2015] [warn] [client 97.80.178.92] mod_fcgid: stderr: PHP Warning: is_dir(): open_basedir restriction in effect. File(/var/www/clients/client23/web39) is not within the allowed path(s): (/var/www/clients /client23/web39/web:/var/www/clients/client23/web39/private:/var/www/clients/client23/web39/tmp:/var/www/DOMAIN_NAME_4/web:/srv/www/DOMAIN_NAME_4/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/ var/lib/phpmyadmin) in /var/www/clients/client23/web39/web/amember_remote/controllers/AdminController.php on line 254, referer: http://DOMAIN_NAME_4/amember_remote/admin/protect Here's my server's setup: root@server_name:/home/www# more /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 # / was on /dev/xvda2 during installation UUID=4877a283-0f1e-4bde-8a0a-97b7e9b92a3e / ext3 errors=remount-ro,noatime 0 1 # /boot was on /dev/xvda1 during installation UUID=6d14d427-c3b2-4b7d-915b-37dece24913a /boot ext3 defaults,noatime 0 2 LABEL=SWAP-xvdb1 swap swap defaults 0 0 /dev/xvdc /home ext3 errors=remount-ro,noatime,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 0 3 /dev/xvde /backups ext3 errors=remount-ro,noatime 0 4 /home/www /var/www none bind,nobootwait,_netdev 0 0 # /var/log/ispconfig/httpd/DOMAIN_NAME_1 /var/www/clients/client23/web6/log none bind,nobootwait,_netdev 0 0 /var/log/ispconfig/httpd/DOMAIN_NAME_2 /var/www/clients/client23/web13/log none bind,nobootwait,_netdev 0 0 /var/log/ispconfig/httpd/DOMAIN_NAME_3 /var/www/clients/client23/web39/log none bind,nobootwait,_netdev 0 0 /var/log/ispconfig/httpd/DOMAIN_NAME_4 /var/www/clients/client23/web45/log none bind,nobootwait,_netdev 0 0 root@server_name:/home/www# df Filesystem 1K-blocks Used Available Use% Mounted on rootfs 25555836 2738220 21519440 12% / udev 10240 0 10240 0% /dev tmpfs 205288 164 205124 1% /run /dev/disk/by-uuid/4877a283-0f1e-4bde-8a0a-97b7e9b92a3e 25555836 2738220 21519440 12% / tmpfs 5120 0 5120 0% /run/lock tmpfs 829860 0 829860 0% /run/shm /dev/xvda1 240972 34480 194051 16% /boot /dev/xvdc 774092544 124258448 610512496 17% /home /dev/xvde 774092544 718756916 16014028 98% /backups /dev/xvdc 774092544 124258448 610512496 17% /var/www /dev/disk/by-uuid/4877a283-0f1e-4bde-8a0a-97b7e9b92a3e 25555836 2738220 21519440 12% /var/www/clients/client23/web6/log /dev/disk/by-uuid/4877a283-0f1e-4bde-8a0a-97b7e9b92a3e 25555836 2738220 21519440 12% /var/www/clients/client23/web13/log /dev/disk/by-uuid/4877a283-0f1e-4bde-8a0a-97b7e9b92a3e 25555836 2738220 21519440 12% /var/www/clients/client23/web39/log /dev/disk/by-uuid/4877a283-0f1e-4bde-8a0a-97b7e9b92a3e 25555836 2738220 21519440 12% /var/www/clients/client23/web45/log root@server_name:/var/www# ls -la total 36 drwxr-xr-x 8 root root 4096 Feb 23 13:33 . drwxr-xr-x 12 root root 4096 Feb 19 13:59 .. drwxr-xr-x 2 ispapps ispapps 4096 Feb 4 20:03 apps lrwxrwxrwx 1 root root 31 Feb 4 23:17 DOMAIN_NAME_1 -> /var/www/clients/client23/web6/ drwxr-xr-x 3 root root 4096 Feb 4 23:17 clients drwxr-xr-x 3 root root 4096 Feb 27 03:05 conf lrwxrwxrwx 1 root root 32 Feb 5 20:41 DOMAIN_NAME_2 -> /var/www/clients/client23/web13/ lrwxrwxrwx 1 root root 32 Feb 16 12:50 DOMAIN_NAME_3 -> /var/www/clients/client23/web39/ -rw-r--r-- 1 root root 177 Feb 4 15:36 index.html drwx------ 2 root root 4096 Feb 4 13:17 lost+found drwxr-xr-x 7 root root 4096 Feb 23 13:33 php-fcgi-scripts lrwxrwxrwx 1 root root 32 Feb 23 13:33 DOMAIN_NAME_4 -> /var/www/clients/client23/web45/ drwxr-xr-x 2 root root 4096 Feb 27 06:27 webalizer root@server_name:/home# ls -la total 28 drwxr-xr-x 3 root root 4096 Feb 19 14:01 . drwxr-xr-x 25 root root 4096 Feb 19 13:40 .. -rw------- 1 root root 8192 Feb 27 09:38 aquota.group -rw------- 1 root root 8192 Feb 27 09:38 aquota.user drwxr-xr-x 8 root root 4096 Feb 23 13:33 www root@server_name:/home/www# ls -la total 36 drwxr-xr-x 8 root root 4096 Feb 23 13:33 . drwxr-xr-x 3 root root 4096 Feb 19 14:01 .. drwxr-xr-x 2 ispapps ispapps 4096 Feb 4 20:03 apps lrwxrwxrwx 1 root root 31 Feb 4 23:17 DOMAIN_NAME_1 -> /var/www/clients/client23/web6/ drwxr-xr-x 3 root root 4096 Feb 4 23:17 clients drwxr-xr-x 3 root root 4096 Feb 27 03:05 conf lrwxrwxrwx 1 root root 32 Feb 5 20:41 DOMAIN_NAME_2 -> /var/www/clients/client23/web13/ lrwxrwxrwx 1 root root 32 Feb 16 12:50 DOMAIN_NAME_3 -> /var/www/clients/client23/web39/ -rw-r--r-- 1 root root 177 Feb 4 15:36 index.html drwx------ 2 root root 4096 Feb 4 13:17 lost+found drwxr-xr-x 7 root root 4096 Feb 23 13:33 php-fcgi-scripts lrwxrwxrwx 1 root root 32 Feb 23 13:33 DOMAIN_NAME_4 -> /var/www/clients/client23/web45/ drwxr-xr-x 2 root root 4096 Feb 27 06:27 webalizer I have added /home/www/DOMAIN_NAME_4/web to the open_dir statement on the ISPConfig Option tab ... doesn't help ... I have manually editted the site's apache conf only to get a 403 "You aren't authorized" message. I switched over to suPHP only to get yet another error message I believe the symlinks are the issue ... and at this point I am not sure how to fix this. Any help the Forum can provide is appreciated. Thank you.
Your script should not try to access paths outside of the website root directory. But if you want to allow that anyway, then add the path /var/www/clients/client23/web39 to the open basedir path of the website. I dont think that this is related. Your script just tries to access the directory below the vhost root of the site which it should not do. you should consider to report that to the developer if the script.
I appreciate the reply ... If I upload the script to "web/amember_remote" and kick off the script, I get directory list: / var / www / clients / client23 / web39 / web / amember_remote when I click on the Protect Folders link, clicking on the web link go up a level, gets a: [Fri Feb 27 14:21:28 2015] [warn] [client 97.80.178.92] mod_fcgid: stderr: PHP Warning: is_dir(): open_basedir restriction in effect. File(/var/www/clients/client23/web39) is not within the allowed path(s): (/var/www/clients/client23/web39/web:/home/www/clients/client23/web39/web:/var/www/clients/client23/web39/private:/var/www/clients/client23/web39/tmp:/var/www/DOMAIN_NAME/web:/srv/www/DOMAIN_NAME/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin) in /var/www/clients/client23/web39/web/members/amember_remote/controllers/AdminController.php on line 254, referer: http://DOMAIN_NAME/amember_remote/admin/protect If I upload the script to "web/members/amember_remote" and kick off the script, I get the directory list: / var / www / clients / client23 / web39 / web / members / amember_remote when I click on the Protect Folders link, clicking on the members link go up a level, I go up one level ... and if I click on the web link, I get the open_basedir error. There is something about that web directory, the config statements or the symlinks which is causing an issue with fcgi and this amember_remote script. Contacting the Developers was my next step ... the main script doesn't have this problem. Thanks again.
