Skamasle
commented
7 years ago This can be inplemented by default, but people may change name or dir or maybe orther CMS or framework need orther dir
So, as vesta is opensource you can create your own apache template, just modify template in /usr/local/vesta/data/templates/web
And thats all, add private dir to your open_basedir and you can select that template in vestacp in webs you need
Is very easy procedure, just copy default.tpl and default.stpl and modify both
Operating System (OS/VERSION):
Ubuntu 16.04
VestaCP Version:
The 0.9.8-17 release
Installed Software (what you got with the installer):
apache, nginx, mysql
Steps to Reproduce:
Put web application in /home/%user%/web/%domain%/private and only expose index.php in /home/%user%/web/%domain%/public_html Which is the recommend way in many php frame_work like code Ignite, laravel,...
Result: The web app fail to load because of fatal PHP error since the default open_basedir restriction is in effect and the private folder is not allowed.
Expected result : The application load normally
Other Notes:
I don't know what was the intended function for the private folder in domain's web data. But as per instructed since I start working with some PHP framework, I put all source code in private folder and only index.php is in public directory. Of course the framework was design so that Index.php will include necessary stuff from private folder and render the website.
However recent version of vesta set open_basedir restriction in default and don't allowed PHP access to file in private directory, this has break several of my websites.
I don't think there could be any advantage in excluding private directory from open_basedir white-list but if I miss something, please enlighten me.