[BlueOnyx:01982] Re: PHP errors trying to share SSL

[Michael Stauber]

Hi Robert,

> Thanks Ken, I got it to work. However, I added to the site71.include
> file and it did not work, so I added it manually to the site71 file
> appending to the existing open_basedir line and it works, but we know
> that will get wiped out in the future. 

Yeah, you see .... it's like this: The GUI field where you configure a sites  	
"open basedir" directories will not accept it if you add a /home/.sites/* path 
to it. Or more than one /home/.sites/* path.

In fact as soon as you save the changes, the displayed /home/.sites/* path is 
stripped out, the GUI checks what the sites real path is and adds the correct 
one.

That allows us to smartly adjust the "open basedir" settings when you CMU-
import a site.

Now whenever we add a security feature to BlueOnyx, someone comes around and 
wants to override or bypass it for whatever reason. :o)

Don't get me wrong, Robert: Your reasons for doing whatever you have in mind 
may be fine, but maybe it ain't the best of ideas from a security point of 
view.

For example I'm not sure why you want to "share SSL". Maybe a "cheap" USD 
31.50 2-year SSL certificate from http://www.rapidsslonline.com/ could solve 
those issues nicely without hacks?

Another option could be to add the symbolic path to "open_basedir". So instead 
of using /home/.sites/39/site71/ as extra "open_basedir" path add the symbolic 
path to it, which is like /home/sites/www.marlenasdecor.com/

Maybe that works for you.

Or try to turn "safe_mode" for that site off and see if it makes any 
difference, but be aware that this really cuts some corners and dumps security 
out of the window.

-- 
With best regards

Michael Stauber