Results 1 to 6 of 6

Thread: turning off safe mode

  1. #1
    Junior Member Newbie
    Join Date
    Jan 2007
    Posts
    13

    Default turning off safe mode

    I'm on a VPS 200 plan running Plesk. I recently loaded all of my website files on the server and am experiencing some strange behavior. First of all, I have a directory of scripts that resides outside of my root httpdocs folder and these are not accessible to the files in the httpdocs folder. Secondly, my css files are not loading images, and I have no idea what might be causing that problem.
    The first problem, I was told, has to do with running PHP in safe mode and setting open basedir to my httpdocs folder. This is set in the httpd.include file in the conf directory where my website resides. Since I'm only hosting my own website on the VPS there should be no harm in turning off safe mode right? I guess my question is how I go about overriding the commands in the httpd.include file? There is a note in that file not to touch anything there but to create a seperate vhost.conf file, which I did, but I haven't been successful in override the httpd.include file. Any insights into either of the above problems would be greatly appreciated! Thanks in advance,
    Dave

  2. #2
    Former Employee Newbie
    Join Date
    May 2006
    Posts
    45

    Default

    Hello Dave,

    You should be able to turn off the 'php safe mode' by logging into Plesk, clicking on 'domains', clicking on the particular domain, clicking on 'setup'. There you will see a checkbox that you will have to uncheck.

    Keep us posted on how your setup is going.

  3. #3
    Junior Member Newbie
    Join Date
    Jan 2007
    Posts
    13

    Default

    Pierre,
    Thanks for pointing that out! I forgot about that option, that was an easy fix. I noticed when I unchecked the box it simply turned safe mode to "off" in the httpd.include file in conf directory. Then I went ahead and changed the:
    open_basedir "...paths..." line (in 4 places)
    to read:
    open_basedir none
    So far that has worked just fine and my website and is now up and running. I don't assume I've exposed my server to any additional vulnerabilities by making this change? My understanding is this setting just controls what directories different accounts on the server can access and since I'm just hosting my own account this doesn't concern me? Please let me know if you think otherwise.

    Finally, the reason my css files weren't displaying some of the images I loaded onto the server is because a few of the jpegs, when I ftp'd them to the server, ended up with extensions in all caps (.JPG) and I just had to change these to .jpg

    Well, I'm sure I'll be back here with questions down the road, but things are looking good right now. Thanks,
    Dave

  4. #4
    Former Employee Newbie
    Join Date
    May 2006
    Posts
    45

    Default

    Glad to read that you got it to work.

    In terms of security you are good, you just loosened it a little bit for the concerned domain, it will not impact any other potential domains.

  5. #5
    Junior Member Newbie
    Join Date
    Jun 2007
    Posts
    4

    Default

    black_box:

    Im afraid that if you try and edit the settings of your domain in plesk that the conf/httpd.include file will be overwritten and your changes will be gone. A definitive solution to this problem would be helpful as i am in the same boat. FWIW i have had this same issue on other vps systems from other vendors so its not spry's problem exclusively.

  6. #6
    Member Newbie
    Join Date
    Oct 2006
    Posts
    90

    Default

    Plesk does this because it rewrites the entire apache configuration when you make changes. Unfortunately this isn't something that can be stopped, and is something you have to take along with the control panel.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •