Hi,
we are using a quite huge moodle installation with a lot of virtual hosts. Since we do not want our users to "see" each other we are using the open_basedir directive in the php.ini. We just found out that this gives us a serious performance penalty since the file operations seem to increase quite a lot (the load time with open_basedir is 2-4 times longer).
Are there any secure ways to get along without open_basedir or anything we can do to improve the performance?
Thanks!
Regards, Jan
Moodle performance using open_basedir
Number of replies: 4Re: Moodle performance using open_basedir
Mmmm....ummm... perhaps the wrong place for this question 
Nevertheless I would appeciate feedback
Jan
Nevertheless I would appeciate feedback
Jan
Re: Moodle performance using open_basedir
I'm not sure your question makes sense. I assume you mean you are using some sort of shared hosting? Otherwise, switching on open_basedir doesn't make any sense. However, who runs a "huge" Moodle installation on shared hosting??
My advice - don't run Moodle with open_basedir enabled.
My advice - don't run Moodle with open_basedir enabled.
Re: Moodle performance using open_basedir
Hi Howard,
ok, "hugh" in this case means "a lot of installations". We only provide the web space and the web server installation (with PHP and a database, so moodle can be used), to which extent moodle is used (number of installations and how much the single installations are used) I do not know exactly. The setting is an apache with up to 1500 virtual hosts, some running moodle, some do not. To separate the single installations we use fcgid with suexec to run every PHP instance under a separate UID (and GID) and we use open_basedir to limit the access to the moodle directory.
So when your advide is not to use open_basedir how do you secure your server? Just setting file permissions on OS level?
Regards, Jan
ok, "hugh" in this case means "a lot of installations". We only provide the web space and the web server installation (with PHP and a database, so moodle can be used), to which extent moodle is used (number of installations and how much the single installations are used) I do not know exactly. The setting is an apache with up to 1500 virtual hosts, some running moodle, some do not. To separate the single installations we use fcgid with suexec to run every PHP instance under a separate UID (and GID) and we use open_basedir to limit the access to the moodle directory.
So when your advide is not to use open_basedir how do you secure your server? Just setting file permissions on OS level?
Regards, Jan
Re: Moodle performance using open_basedir
It sounds like you are a general-purpose shared hosting site and are having trouble with people wanting to use Moodle?
My situation is different because I *only* run Moodle. The vast majority of my customers do not require any server access at all and those who do are given the minimum amount of access to achieve what they require.
My situation is different because I *only* run Moodle. The vast majority of my customers do not require any server access at all and those who do are given the minimum amount of access to achieve what they require.