Last modified by Crucial on Wed, May 28, 2008 00:26
Source|Old Revisions  |  Back To Group

This is an old revision of the document!

Many shared hosting companies enable open_basedir by default. This is done for security purposes, since it limits the files that can be opened by PHP to a specific user.

An explanation of open_basedir can be found in the PHP manual:

When a script tries to open a file [...], the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it.

This error message is received when trying to access Magento Connect. This is typically not something you can fix unless yourself, unless you’re on a VPS or dedicated server with root access.

For the majority of people out there, you’ll need to ask your host to disable open_basedir on your account.

By the way, the error message you’ll receive will have the following somewhere in it:

open_basedir restriction in effect

This restriction can be a good or bad thing depending on how you look at it.

We personally enable the open_basedir restriction for our Split-Shared clients unless they ask to have it removed. Clients running on Magento Containers have this disabled by default.

We also use Suhosin to further protect clients, which also applies to those that do have the open_basedir restriction removed.

You might have seen something about Suhosin in the .htaccess file for Magento:

php_flag suhosin.session.cryptua off


Magento 2 GitHub Repository

Magento Job Board - Some sort of tag line goes here

Latest Posts| View all Jobs