20 jili casino login register online.Enjoy Free 888+200 Daily Legal Bonus

Resolved

(@markussss)

One of my sites uses GiveWP and it is often slow in the backend, this made me figure out that there is a warning showing that is related to php_safemode and GiveWP

I contacted the hosting company and they told me they cannot change it due to security reasons. So it’s on the plugin to do something about it (their opinion).

is_readable(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): (/home/.sites/445/site9985479/web:/home/.sites/445/site9985479/tmp:/usr/share/pear:/usr/bin/php_safemode)

https://cln.sh/VnBwYhVG

wp-includes/class-phpass.php:73
is_readable()
wp-includes/class-phpass.php:73
PasswordHash->get_random_bytes()
wp-content/plugins/give/includes/class-give-session.php:478
Give_Session->generate_donor_id()
wp-content/plugins/give/includes/class-give-session.php:177
Give_Session->__setup()
wp-content/plugins/give/includes/class-give-session.php:140
Give_Session::get_instance()
wp-content/plugins/give/src/ServiceProviders/LegacyServiceProvider.php:240
Give\ServiceProviders\LegacyServiceProvider->bindInstance()
wp-content/plugins/give/src/ServiceProviders/LegacyServiceProvider.php:219
Give\ServiceProviders\LegacyServiceProvider->bindClasses()
wp-content/plugins/give/src/ServiceProviders/LegacyServiceProvider.php:24
Give\ServiceProviders\LegacyServiceProvider->register()
wp-content/plugins/give/give.php:429
Give->loadServiceProviders()
wp-content/plugins/give/give.php:270
Give->init()
wp-includes/class-wp-hook.php:308
do_action('plugins_loaded')
wp-settings.php:480

Is there something you can do about that?

I am not sure what the impact is but I think it leads to requiring lots of resources

best regards
Markus

Viewing 6 replies - 1 through 6 (of 6 total)

stephanieliy
(@stephanieliy)

2 years ago

Hi @markussss ,
Glad you reached out. Can you send along which version of PHP you are using? Safemode is a feature that was deprecated back in version 5.3, and removed altogether in version 5.4.

GiveWP’s minimum requirements include PHP version 7.0, so if you are running an outdated version of PHP this could be the source of your trouble.

PHP safemode is generally implemented as a method of dealing with security in a shared server environment, and it isn’t really the best way to provide security. Hosting and servers are the top “tier” of your site, ideally you would want to work with hosting that provides you with appropriate security solutions. You may want to consider a more powerful hosting package, especially if they have you using outdated resource packages.

Let me know if you have any questions about this, I’m happy to help.

Thread Starter markussss
(@markussss)

2 years ago

Hi @stephanieliy,

the site runs on PHP 8.0.28 (Supports 64bit values).

I am going to contact the hosting provider again – unfortunately I can’t change it. It’s just voluntary work I do vor an NPO, and they have that hosting provider, that is well known in our region actually.

But I can’t know the details about their internal setup for shared hosting. They just told me that PHP safemode cannot be disabled (even though I obviously do not run a deprecated PHP version on that site), and that this must be solved on the plugin level.

Difficult situation it seems. I don’t know how much this impacts the site. Perhaps it is fine to just leave it. However, I noticed those warnings, and also that the backend runs slower with Give WP enabled (hence I thought this warning could be the source of that)

best regards
Markus

stephanieliy
(@stephanieliy)

2 years ago

Hi @markussss,
I’ve created a post for our teams to review PHP safemode here: https://feedback.givewp.com/bug-reports/p/php-safemode-with-givewp-causes-the-back-end-to-run-slowly

I’m also linking your ticket so we can reach back out to you once we have a resolution. I can’t guarantee that this is something we have any control over, this is generally a hosting issue not a plugin one, but it never hurts to give things a look.

The nature of non profit means funds are closely managed, and I know that can make managing operations costs and options a little delicate. If your organization has the ability, I would still recommend revisiting the current hosting. The right kind of hosting can make a huge impact on how the site runs, and how it interacts with other open source products, and I want to make sure to steer you towards solutions that will make that easier for all involved.

I’ll mark this as resolved for now, but if you have questions you can always send along a message and I’ll be happy to help as much as I can. Have a great day!

Thread Starter markussss
(@markussss)

2 years ago

Thanks @stephanieliy for moving it to an internal discussion now, if there is something you can do about, I’ll probably notice it eventually.

The hosting itself was not that bad until now, but those details you can’t know beforehand. Unfortunately my hands are tied as well, and I can’t go into any discussion about hosting with the NPO.

If you figure something out at some point, perhaps you can refer back to this topic here. Thanks!

Thread Starter markussss
(@markussss)

2 years ago

One more feedback @stephanieliy from the hosting provider

open_basedir_restriction is enabled on the server and cannot be disabled on shared hosting.

The support of the hosting is definitely not the best as they don’t give any other explanation or suggestion. However, if you ever look into it maybe this information is of additional help

best regards
Markus

Thread Starter markussss
(@markussss)

2 years ago

@stephanieliy one more thing – the particular hosting company offered that you could contact them directly to fix this together permanently.

Not sure if those contacts can be shared in here but as it’s anyway online:
[email protected]
https://www.world4you.com/en/hilfe-und-support/help-contact.html

best wishes
Markus

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘GiveWP warning because of php_safemode’ is closed to new replies.