PHP-FPM and including files outside document root

MarkPW

• October 05, 2018 14:14

I'm trying to include files via a PHP script from another user/public_html directory on my server, but PHP-FPM throws a "permission denied" error when I attempt it. I realise this has been asked here previously and is a security risk, but no solution was given and I'm willing to take the risk. I've attempted the following: Running Apache 2.4.34 & PHP 5.6.38 In /etc/apache2/conf.d/userdata/std/2_4/me/mydomain.com/custom.conf: Alias "/get" "/home/otheruser/public_html/get" SetHandler proxy:unix:/opt/cpanel/ea-php56/root/usr/var/run/php-fpm/{string from httpd.conf}.sock|fcgi://otheruser.com
Then... /scripts/ensure_vhost_includes --user=me && /usr/local/cpanel/scripts/rebuildhttpdconf && /usr/local/cpanel/scripts/restartsrv_httpd
Static files work as expected as it bypasses the proxy, but I'm getting a 404 not found response and fpm error log gives me: AH01071: Got error 'Primary script unknown\n'
Not sure it makes a difference but the "me" account from where I execute the script is a dedicated IP and I am utilising this address currently rather than a domain name. Any advice would be appreciated.

• 

  24x7server

  • October 06, 2018 04:34

  Hi, In the Apache configuration, there are 2 settings, FollowSymLinks and SymLinksIfOwnerMatch. Can you check if first setting is enabled? and check if symlink protection is enabled or disabled.

  0
• 

  cPanelLauren

  • October 10, 2018 13:09

  Hi @MarkPW This is a huge security risk and completely inadvisable. The configuration you're requesting is not something supported by cPanel and should you want to pursue implementing this I would suggest enlisting the assistance of a system administrator. If you don't have one you might find one here: System Administration Services | cPanel Forums. Thank you.

  0

Please sign in to leave a comment.