PHP Variables - Open Basedir
PHP Variables - Open Basedir
When you create a new website there are 2 PHP settings which are automatically added to the site; PHP Memory limit and open_basedir. If you'd like to know more, we've got a guide which talks about the memory_limit and changing it here.
open_basedir limits the files that can be accessed by PHP to the specified directory-tree, including the file itself. When a script tries to access the filesystem, for example using include, or fopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to access it and the site will not load (there are various error messages you may get but a 500 error is common). By default all websites are restricted to their own site files and tmp location, here is an example of the restriction used.
If your website tries to use files/folders outside of this restriction you will see errors in the error log similar to this (the paths in the error will be different from this example):
Unknown: open_basedir restriction in effect. File(/home/mysite/public_html/wordfence-waf.php) is not within the allowed path(s): (/home/storm/sites/mywebsite-com/:/home/storm/tmp/mywebsite-com:/tmp) in Unknown on line 0PHP message: PHP Warning: Unknown: Failed to open stream: Operation not permitted in Unknown on line 0PHP message: PHP Fatal error: Failed opening required '/home/mysite/public_html/wordfence-waf.php' (include_path='.:/usr/share/php') in Unknown on line 0'
This indicates that something on the site has a 'hard' path set (meaning the exact path is stipulated somewhere in the plugin or configuration). The best way to resolve this issue is to work out what is trying to access the folder outside of the website files and correct the configuration for it. A common culprit is WordFence, we have a guide for identifying that here.
Please note: removing this PHP directive is dangerous as it will allow your site to read/write anywhere on the server, so if the site is hacked is could affect all sites on the server.
Updated 3 months ago