If you are having trouble with PHP commands like backticks (“), system(), exec(), passthru(), and others that spawn external commands, or are having trouble with errors like:
open_basedir Restrictions in effect, file is in wrong directory
Then you’ve written a script that doesn’t quite conform to our security standards.
We implement strict security for PHP scripts run by Apache, because otherwise, none of our users would be able to sufficiently secure sensitive information (like Database passwords)!
To protect your PHP scripts, we’ve disallowed all PHP functions that would let one user possibly open another user’s script (and see sensitive stuff like passwords). Our restrictions work in two parts:
1: OPEN_BASEDIR RESTRICTIONS
open_basedir restrictions prevent any of PHP’s file opening commands from working on any files outside of /home/youruser. Files BELOW that directory WILL WORK:
/home/youruser/phpstuff/some/more/dirs/file.info IS OK! PHP CAN OPEN IT!
NOTE: There have been some strange bugs that appeared with respect to open_basedir. Sometimes files that ARE in your home directory trigger an open_basedir error when they really shouln’t. Notify support when this happens.
2: DISABLED EXECUTION FUNCTIONS
We have disabled the backticks operator (“), system(), exec(), passthru(), and dl() because all of these functions could be used to run naughty external processes as Apache’s user.
Contact support if you have any questions!