New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Do you recommend enabling PHP open_basedir Tweak?
This discussion has been closed.
Comments
Yes
Enable it for security.
Got it.
Topic can be closed!
Just get CloudLinux and don't worry!
CloudLinux is very helpful but it's not just a set-and-forget solution that makes your server unhackable instantly after installing it.
@mpkossen
In general, it is recommended to enable that directive. However, don't be under the allusion (if you were) that it will magically make your code "safe".
open_basedir is not so much about security, as helping with code sanity (though the two can be related). open_basedir is a small but useful layer that helps to verify that the PHP code is only able to access a given set of directories, by giving us an error when it tries to access a file outside of the directories we say.
If you're looking to secure your server, with respect to PHP and in a wider sense, then open_basedir is just one tiny step in that direction.