is_readable(): open_basedir restriction in effect.

  • is_readable(): open_basedir restriction in effect.
    File(/.aws/config) is not within the allowed path(s): (/home/www-data/.wp-cli:/usr/local/bin/wp:/var/www/html:/tmp:/var/www/.aws/config)

    Plugin:?WP Offload SES Lite
    File:?/wp-content/plugins/wp-ses/vendor/Aws3/Aws/DefaultsMode/ConfigurationProvider.php
    Line: 126

Viewing 15 replies - 1 through 15 (of 17 total)
  • Plugin Support Delicious Brains Support

    (@dbisupport)

    Hi @abitp,

    WP Offload SES support team here.
    Thanks for reaching out with your query.

    This means that the code isn’t allowed to read files that are stored in certain paths. Can you kindly check your server’s open_basedir settings if it is enabled? Then make sure no restrictions are applied on your WP installation path and its contents.

    Thank you.

    Same problem. But I do not agree to allowing read capabilities outside the document root. The open_basedir restriction is doing what it is supposed to do.

    The issue is with a vendor library that takes a bit too much freedoms. The offender is:

    /wp-ses/vendor/Aws3/Aws/DefaultsMode/ConfigurationProvider.php on line 126″

    Please fix.

    Additional log:

    2023/07/20 13:27:56 [error] 1126249#1126249: *4843 FastCGI sent in stderr: “PHP message: PHP Warning: is_readable(): open_basedir restriction in effect. File(/home/{user}/.aws/config) is not within the allowed path(s): (/home/{user}/.composer:/home/{user}/web/{domain}/public_html:/home/{user}/web/{domain}/private:/home/{user}/web/{domain}/public_shtml:/home/{user}/tmp:/tmp:/var/www/html:/bin:/usr/bin:/usr/local/bin:/usr/share:/opt) in /home/{user}/web/{domain}/public_html/wp-content/plugins/wp-ses/vendor/Aws3/Aws/DefaultsMode/ConfigurationProvider.php on line 126” while reading response header from upstream, client: {ip}, server: {domain}, request: “POST /wp-admin/admin-ajax.php HTTP/1.1”, upstream: “fastcgi://unix:/run/php/php8.1-fpm-{domain}.sock:”, host: “{domain}”

     * - use_aws_shared_config_files: (bool, default=bool(true)) Set to false to
 *   disable checking for shared config file in '~/.aws/config' and
 *   '~/.aws/credentials'.  This will override the AWS_CONFIG_FILE
 *   environment variable.
    Plugin Support Delicious Brains Support

    (@dbisupport)

    Hi Daan and @abitp ,

    Thanks for those additional information. Our dev team are already aware of this issue. However, the PHP warning shouldn’t affect the functionality of WP Offload SES Lite.

    If it’s showing up on the frontend of your site, kindly double check that WP_DEBUG_DISPLAY is set to false in the site’s wp-config.php file.

    Or if you’re not currently debugging anything, please try disabling the debug constants altogether.

    define(‘WP_DEBUG’, false);
    define(‘WP_DEBUG_LOG’, false);
    define(‘WP_DEBUG_DISPLAY’, false);

    I hope this helps, let us know if you have any other questions.

    Warnings that point towards something trying to get credentials outside docroot get special attention. Doesn’t matter if it’s just a warning.

    I appreciate the effort but given the topic the debug explanation may be a bit out of touch. Thanks though, all I needed to know is that your team is on it.

    Thread Starter ITP TECHNOLOGIE

    (@abitp)

    So, to avoid having the problem, are you advising to disable the visibility of issues, or am I misunderstanding?

    Plugin Support Delicious Brains Support

    (@dbisupport)

    Hi @abitp ,

    Yes, if you are seeing the warning on your website’s pages (frontend and/or backend), kindly disable your website’s debugging.

    Usually these warnings are hidden on the frontend and only logged in the debug.log file of a WordPress site, if debugging is properly enabled.

    @abitp, I’m not sure if support is from Delicious Brains or new owner WP Engine. Support are probably not engineers. Either way, advisement to disable visibility of problems is a problem of itself, I agree.

    @dbisupport, come on… you’re dealing with experienced developers here.

    Thread Starter ITP TECHNOLOGIE

    (@abitp)

    @dbisupport : I see this error on Query Monitor, I never said it was visible or hindering… I’m just looking for a solution, like my developer friend here @daankortenbach

    @dbisupport : Please don’t respond as if you’re an unskilled support… it’s not doing you any favors… call on a developer from your team or something…

    And I noticed the warnings as I viewed server error.log in realtime with tail -f /path/to/error.log on a pre-production server with 40 active users. WP_DEBUG_DISPLAY is already false but I do keep a log running at all times for security reasons. Especially in this stage. Please don’t assume unknowledgeble users.

    Thread Starter ITP TECHNOLOGIE

    (@abitp)

    @dbisupport UP

    Plugin Author Delicious Brains

    (@deliciousbrains)

    Hey @daankortenbach & @abitp,

    Please try adding the following to your theme’s functions.php file:

    function my_disable_use_aws_shared_config_files( $args ) {
    $args[‘use_aws_shared_config_files’] = false;

    return $args;
    }
    add_filter( ‘aws_get_client_args’, ‘my_disable_use_aws_shared_config_files’ );

    Please let me know whether this resolves the issue for you.

    –IJ

    @deliciousbrains thank you for providing a possible solution. I’ll put it in a file in mu-plugins so I can remove it easily later when the issue is fixed in a plugin update.

Viewing 15 replies - 1 through 15 (of 17 total)
  • The topic ‘is_readable(): open_basedir restriction in effect.’ is closed to new replies.