Hi, i try to install dolphin on a windows server using Zpanel as Server control panel
I got this error when i try to run the install script..
Warning: file_exists(): open_basedir restriction in effect. File(/usr/local/bin/php) is not within the allowed path(s): (c:/zpanel/hostdata/zadmin/public_html/MYDOMAIN;c:/windows/temp) in C:\zpanel\hostdata\zadmin\public_html\MYDOMAIN\install\index.php(1200) : runtime-created function on line 2 Warning: file_exists(): open_basedir restriction in effect. File(/usr/bin/php) is not within the allowed path(s): (c:/zpanel/hostdata/zadmin/public_html/MYDOMAIN;c:/windows/temp) in C:\zpanel\hostdata\zadmin\public_html\MYDOMAIN\install\index.php(1200) : runtime-created function on line 3 Warning: popen() has been disabled for security reasons in C:\zpanel\hostdata\zadmin\public_html\MYDOMAIN\install\index.php(1200) : runtime-created function on line 4
i dont understand.. the first 2 step of the install works... but the 3rd page dont work.. i think its the page where the script detect the server module path
what should i change in my Zpanel server config... im using apache and php version 5.3.20
and i make all the change into php.ini that i see in the pre setting to make before install dolphin
so i dont know whats wrong
thx
|
File(/usr/local/bin/php)
This is not right for a windows server, if you used some auto install script then you should remove that and install dolphin with its own installer. Plus if you can then edit the php.ini and disable open_basedir.
so much to do.... |
Contact Dolphin Jay, he has Dolphin running on Windows Server. Geeks, making the world a better place |
|
but i use the default boonex dolphin installer to install dolphin... www.mydomain.com/install
File(/usr/local/bin/php)
This is not right for a windows server, if you used some auto install script then you should remove that and install dolphin with its own installer. Plus if you can then edit the php.ini and disable open_basedir.
|
but i use the default boonex dolphin installer to install dolphin... www.mydomain.com/install
File(/usr/local/bin/php)
This is not right for a windows server, if you used some auto install script then you should remove that and install dolphin with its own installer. Plus if you can then edit the php.ini and disable open_basedir.
well in that case, edit your header.inc.php and update this to correct path to php binary on windows (some php.exe somewhere), you can ask your host.
$PHPBIN = "/usr/local/bin/php";
so much to do.... |
the header.inc.php file is not already in the inc directory because its a fresh new install so the file is not created yet.. it suppose to be created by the install script during the install process |
ok now i disable open_basedir
and now the error look like
Warning: popen() has been disabled for security reasons in C:\zpanel\hostdata\zadmin\public_html\MYDOMAIN\install\index.php(1200) : runtime-created function on line 4 |
Dolphin has specific requirements. The open base dir restriction you fixed i guess. But the server php settings also appear to have disabled some functions dolphin needs as well. popen is required by dolphin, but your host has disabled it.
https://www.deanbassett.com |
LOL all this time i was thinking its already installed :P
Just disable the open_basedir and all those other restrictions, cuz dolphins are demanding...
so much to do.... |
well ok now it works because i disable all the suhosin security block
but it's very risk for security to do that... so i must enable it in Zpanel.... but i can remove some function to be block
so in the list below wich one i need to remove of the blacklist to make dolphin works fine?
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
thx
|
focus on other security problems instead of being unnecessary careful on php functions.
(other than some known bad functions which are disabled by default)
so much to do.... |
focus on other security problems instead of being unnecessary careful on php functions.
(other than some known bad functions which are disabled by default)
ok... and what you mean???
|
focus on other security problems instead of being unnecessary careful on php functions.
(other than some known bad functions which are disabled by default)
ok... and what you mean???
I mean, unless you allow your users to run php code on your server you don't have to worry too much about php functions. I don't run windows servers so i don't know what other security problems those have.
so much to do.... |
well ok now it works because i disable all the suhosin security block
but it's very risk for security to do that... so i must enable it in Zpanel.... but i can remove some function to be block
so in the list below wich one i need to remove of the blacklist to make dolphin works fine?
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
thx
Hardly no one runs suhosin. It's really not necessary. The goal behind Suhosin is to be a safety net that protects servers from insecure PHP coding practices. And is not necessary unless you running a lot of PHP scripts written by amateurs.
Unless your providing hosting services to dozens of other people. In other words sharing your server with others. If your the only one using it then all you really need to do is keep your servers software packages up to date which patches security holes as they are found. All operating systems release security updates on a regular basis, and that is pretty much all you need to keep up with.
Anyhow. From that list, dolphin may need these.
shell_exec, popen, pclose, and exec
https://www.deanbassett.com |
