From 906e8a23b4d875dca79f72618911b3ff691afda8 Mon Sep 17 00:00:00 2001
From: usmannasir <01-134132-158@student.bahria.edu.pk>
Date: Mon, 21 May 2018 21:52:35 +0500
Subject: [PATCH] open_basedir

---
 CyberCP/settings.pyc                          | Bin 3773 -> 3809 bytes
 plogical/sslUtilities.py                      |  14 ++
 plogical/virtualHostUtilities.py              | 142 ++++++++++---
 static/images/icons/open_basedir.png          | Bin 0 -> 1741 bytes
 static/websiteFunctions/websiteFunctions.js   | 191 +++++++++++++++++-
 .../static/images/icons/open_basedir.png      | Bin 0 -> 1741 bytes
 .../websiteFunctions/websiteFunctions.js      | 191 +++++++++++++++++-
 .../websiteFunctions/createWebsite.html       |   9 +
 .../templates/websiteFunctions/website.html   |  99 ++++++++-
 websiteFunctions/urls.py                      |   5 +
 websiteFunctions/views.py                     |  46 ++++-
 11 files changed, 651 insertions(+), 46 deletions(-)
 create mode 100644 static/images/icons/open_basedir.png
 create mode 100644 websiteFunctions/static/images/icons/open_basedir.png

diff --git a/CyberCP/settings.pyc b/CyberCP/settings.pyc
index 60e4a8795ac40f537b22f016f5924e71070c511c..2462b2a46fb193ad199087ab9c204a6b2be111c4 100644
GIT binary patch
delta 100
zcmdlh`%qSz`7<xq#ps_=$qY~+0i+#(xOl@x=~+zDDe(-cEDR|L49$!TX-o`hTnth2
u3@J<u!5WF14>HMe3Y0Jb6{i-Lumh>!g2cSdx4Ctg7`II3;M>Z?&j<jRoEF;v

delta 64
zcmaDTyH{44`7<xqrrqnKk{O^t0!TXmaq+^9(zBR&(l{BS<QY<!7=kt8H(y|q<=n)h
M$;7y6vKHS~00S%!sQ>@~

diff --git a/plogical/sslUtilities.py b/plogical/sslUtilities.py
index a644d649d..cd091d931 100644
--- a/plogical/sslUtilities.py
+++ b/plogical/sslUtilities.py
@@ -224,6 +224,20 @@ class sslUtilities:
                     return 1
 
                 elif output.find('no action taken.') > -1:
+
+                    ###### Copy SSL To config location ######
+
+                    srcPrivKey = "/etc/letsencrypt/live/" + virtualHostName + "/privkey.pem"
+                    srcFullChain = "/etc/letsencrypt/live/" + virtualHostName + "/fullchain.pem"
+
+                    if os.path.exists(pathToStoreSSLPrivKey):
+                        os.remove(pathToStoreSSLPrivKey)
+                    if os.path.exists(pathToStoreSSLFullChain):
+                        os.remove(pathToStoreSSLFullChain)
+
+                    shutil.copy(srcPrivKey, pathToStoreSSLPrivKey)
+                    shutil.copy(srcFullChain, pathToStoreSSLFullChain)
+
                     return 1
                 elif output.find('Failed authorization procedure') > -1:
                     logging.CyberCPLogFileWriter.writeToFile(
diff --git a/plogical/virtualHostUtilities.py b/plogical/virtualHostUtilities.py
index 871e1370b..dd066ff7f 100644
--- a/plogical/virtualHostUtilities.py
+++ b/plogical/virtualHostUtilities.py
@@ -137,7 +137,7 @@ class virtualHostUtilities:
             logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [finalizeVhostCreation]")
 
     @staticmethod
-    def createDirectoryForVirtualHost(virtualHostName,administratorEmail,virtualHostUser, phpVersion):
+    def createDirectoryForVirtualHost(virtualHostName,administratorEmail,virtualHostUser, phpVersion, openBasedir):
 
         path = "/home/" + virtualHostName
         pathHTML = "/home/" + virtualHostName + "/public_html"
@@ -161,14 +161,14 @@ class virtualHostUtilities:
         ## Creating Per vhost Configuration File
 
 
-        if virtualHostUtilities.perHostVirtualConf(completePathToConfigFile,administratorEmail,virtualHostUser,phpVersion, virtualHostName) == 1:
+        if virtualHostUtilities.perHostVirtualConf(completePathToConfigFile,administratorEmail,virtualHostUser,phpVersion, virtualHostName, openBasedir) == 1:
             return [1,"None"]
         else:
             return [0,"[61 Not able to create per host virtual configurations [perHostVirtualConf]"]
 
 
     @staticmethod
-    def perHostVirtualConf(vhFile, administratorEmail,virtualHostUser, phpVersion, virtualHostName):
+    def perHostVirtualConf(vhFile, administratorEmail,virtualHostUser, phpVersion, virtualHostName, openBasedir):
         # General Configurations tab
         try:
             confFile = open(vhFile, "w+")
@@ -316,7 +316,7 @@ class virtualHostUtilities:
             accessControlEnds = "  }\n"
 
             phpIniOverride = "phpIniOverride  {\n"
-            php_admin_value = 'php_admin_value open_basedir "/tmp:/usr/local/lsws/Example/html/FileManager:/home/' + virtualHostName + '"\n'
+            php_admin_value = 'php_admin_value open_basedir "/tmp:/usr/local/lsws/Example/html/FileManager:$VH_ROOT"\n'
             endPHPIniOverride = "}\n"
 
 
@@ -332,21 +332,23 @@ class virtualHostUtilities:
             confFile.writelines(allow)
             confFile.writelines(deny)
             confFile.writelines(accessControlEnds)
-            #confFile.writelines(phpIniOverride)
-            #confFile.writelines(php_admin_value)
-            #confFile.writelines(endPHPIniOverride)
+            if openBasedir == 1:
+                confFile.writelines(phpIniOverride)
+                confFile.writelines(php_admin_value)
+                confFile.writelines(endPHPIniOverride)
             confFile.writelines(defaultCharSet)
             confFile.writelines(contextEnds)
 
             ## OpenBase Dir Protection
 
-            #phpIniOverride = "phpIniOverride  {\n"
-            #php_admin_value = 'php_admin_value open_basedir "/tmp:/home/' + virtualHostName + '"\n'
-            #endPHPIniOverride = "}\n"
+            phpIniOverride = "phpIniOverride  {\n"
+            php_admin_value = 'php_admin_value open_basedir "/tmp:$VH_ROOT"\n'
+            endPHPIniOverride = "}\n"
 
-            #confFile.writelines(phpIniOverride)
-            #confFile.writelines(php_admin_value)
-            #confFile.writelines(endPHPIniOverride)
+            if openBasedir == 1:
+                confFile.writelines(phpIniOverride)
+                confFile.writelines(php_admin_value)
+                confFile.writelines(endPHPIniOverride)
 
             confFile.close()
 
@@ -443,7 +445,7 @@ class virtualHostUtilities:
 
 
     @staticmethod
-    def createDirectoryForDomain(masterDomain, domain, phpVersion, path, administratorEmail,virtualHostUser):
+    def createDirectoryForDomain(masterDomain, domain, phpVersion, path, administratorEmail,virtualHostUser, openBasedir):
 
         FNULL = open(os.devnull, 'w')
 
@@ -476,13 +478,13 @@ class virtualHostUtilities:
 
 
         if virtualHostUtilities.perHostDomainConf(path, masterDomain, completePathToConfigFile,
-                                                  administratorEmail, phpVersion,virtualHostUser) == 1:
+                                                  administratorEmail, phpVersion,virtualHostUser, openBasedir) == 1:
             return [1,"None"]
         else:
             return [0, "[359 Not able to create per host virtual configurations [perHostVirtualConf]"]
 
     @staticmethod
-    def perHostDomainConf(path, masterDomain, vhFile, administratorEmail, phpVersion,virtualHostUser):
+    def perHostDomainConf(path, masterDomain, vhFile, administratorEmail, phpVersion,virtualHostUser, openBasedir):
 
         # General Configurations tab
 
@@ -552,13 +554,14 @@ class virtualHostUtilities:
 
             ## OpenBase Dir Protection
 
-            #phpIniOverride = "phpIniOverride  {\n"
-            #php_admin_value = 'php_admin_value open_basedir "/tmp:' + path + '"\n'
-            #endPHPIniOverride = "}\n"
+            phpIniOverride = "phpIniOverride  {\n"
+            php_admin_value = 'php_admin_value open_basedir "/tmp:' + path + '"\n'
+            endPHPIniOverride = "}\n"
 
-            #confFile.writelines(phpIniOverride)
-            #confFile.writelines(php_admin_value)
-            #confFile.writelines(endPHPIniOverride)
+            if openBasedir == 1:
+                confFile.writelines(phpIniOverride)
+                confFile.writelines(php_admin_value)
+                confFile.writelines(endPHPIniOverride)
 
             # php settings
 
@@ -1022,7 +1025,7 @@ class virtualHostUtilities:
 
 
 
-def createVirtualHost(virtualHostName, administratorEmail, phpVersion, virtualHostUser, numberOfSites, ssl, sslPath, dkimCheck):
+def createVirtualHost(virtualHostName, administratorEmail, phpVersion, virtualHostUser, numberOfSites, ssl, sslPath, dkimCheck, openBasedir):
     try:
         if virtualHostUtilities.checkIfVirtualHostExists(virtualHostName) == 1:
             raise BaseException("Virtual Host Directory already exists!")
@@ -1038,7 +1041,7 @@ def createVirtualHost(virtualHostName, administratorEmail, phpVersion, virtualHo
             if retValues[0] == 0:
                 raise BaseException(retValues[1])
 
-        retValues = virtualHostUtilities.createDirectoryForVirtualHost(virtualHostName, administratorEmail, virtualHostUser, phpVersion)
+        retValues = virtualHostUtilities.createDirectoryForVirtualHost(virtualHostName, administratorEmail, virtualHostUser, phpVersion, openBasedir)
         if retValues[0] == 0:
             raise BaseException(retValues[1])
 
@@ -1066,7 +1069,7 @@ def createVirtualHost(virtualHostName, administratorEmail, phpVersion, virtualHo
         logging.CyberCPLogFileWriter.writeToFile(str(msg) + "  [createVirtualHost]")
         print "0,"+str(msg)
 
-def createDomain(masterDomain, virtualHostName, phpVersion, path,administratorEmail,virtualHostUser,restart,numberOfSites,ssl, dkimCheck):
+def createDomain(masterDomain, virtualHostName, phpVersion, path,administratorEmail,virtualHostUser,restart,numberOfSites,ssl, dkimCheck, openBasedir):
     try:
         if virtualHostUtilities.checkIfVirtualHostExists(virtualHostName) == 1:
             raise BaseException("Virtual Host Directory already exists!")
@@ -1086,7 +1089,7 @@ def createDomain(masterDomain, virtualHostName, phpVersion, path,administratorEm
 
         FNULL = open(os.devnull, 'w')
 
-        retValues = virtualHostUtilities.createDirectoryForDomain(masterDomain, virtualHostName, phpVersion, path,administratorEmail,virtualHostUser)
+        retValues = virtualHostUtilities.createDirectoryForDomain(masterDomain, virtualHostName, phpVersion, path,administratorEmail,virtualHostUser, openBasedir)
         if retValues[0] == 0:
             raise BaseException(retValues[1])
 
@@ -1822,6 +1825,69 @@ def deleteAlias(masterDomain, aliasDomain):
         logging.CyberCPLogFileWriter.writeToFile(str(msg) + "  [deleteAlias]")
         print "0," + str(msg)
 
+def changeOpenBasedir(domainName, openBasedirValue):
+    try:
+
+        confPath = virtualHostUtilities.Server_root + "/conf/vhosts/" + domainName
+        completePathToConfigFile = confPath + "/vhost.conf"
+
+        data = open(completePathToConfigFile, 'r').readlines()
+        skip = 0
+        if openBasedirValue == 'Disable':
+            writeToFile = open(completePathToConfigFile, 'w')
+            for items in data:
+                if items.find('phpIniOverride') > -1:
+                    skip = 1
+
+                if skip == 1 and items.find('}') > -1:
+                    skip = 0
+                    continue
+
+                if skip == 1:
+                    continue
+
+                writeToFile.writelines(items)
+            writeToFile.close()
+        else:
+
+            ## Check if phpini already active
+
+            inistatus = 0
+            for items in data:
+                if items.find('phpIniOverride') > -1:
+                    inistatus = 1
+
+            if inistatus == 0:
+                writeToFile = open(completePathToConfigFile, 'w')
+                for items in data:
+                    if items.find('context /.filemanager') > -1:
+                        writeToFile.writelines(items)
+                        phpIniOverride = "phpIniOverride  {\n"
+                        php_admin_value = 'php_admin_value open_basedir "/tmp:/usr/local/lsws/Example/html/FileManager:$VH_ROOT"\n'
+                        endPHPIniOverride = "}\n"
+                        writeToFile.writelines(phpIniOverride)
+                        writeToFile.writelines(php_admin_value)
+                        writeToFile.writelines(endPHPIniOverride)
+                    else:
+                        writeToFile.writelines(items)
+
+                phpIniOverride = "phpIniOverride  {\n"
+                php_admin_value = 'php_admin_value open_basedir "/tmp:$VH_ROOT"\n'
+                endPHPIniOverride = "}\n"
+
+                writeToFile.writelines(phpIniOverride)
+                writeToFile.writelines(php_admin_value)
+                writeToFile.writelines(endPHPIniOverride)
+
+                writeToFile.close()
+        installUtilities.installUtilities.reStartLiteSpeed()
+        print "1,None"
+
+
+    except BaseException, msg:
+        logging.CyberCPLogFileWriter.writeToFile(str(msg) + "  [changeOpenBasedir]")
+        print "0," + str(msg)
+
 
 def saveSSL(virtualHost,pathToStoreSSL,keyPath,certPath,sslCheck):
     try:
@@ -1871,6 +1937,7 @@ def main():
     parser.add_argument("--ssl", help="Weather to activate SSL")
     parser.add_argument("--sslPath", help="Path to website document root!")
     parser.add_argument('--dkimCheck', help='To enable or disable DKIM support for domain.')
+    parser.add_argument('--openBasedir', help='To enable or disable open_basedir protection for domain.')
 
 
     ## arguments for creation child domains
@@ -1914,6 +1981,10 @@ def main():
 
     parser.add_argument('--aliasDomain', help='Alias Domain!')
 
+    ## Arguments for OpenBasedir
+
+    parser.add_argument('--openBasedirValue', help='open_base dir protection value!')
+
 
 
     args = parser.parse_args()
@@ -1923,7 +1994,13 @@ def main():
             dkimCheck = int(args.dkimCheck)
         except:
             dkimCheck = 0
-        createVirtualHost(args.virtualHostName,args.administratorEmail,args.phpVersion,args.virtualHostUser,int(args.numberOfSites),int(args.ssl),args.sslPath,dkimCheck)
+
+        try:
+            openBasedir = int(args.openBasedir)
+        except:
+            openBasedir = 0
+
+        createVirtualHost(args.virtualHostName, args.administratorEmail, args.phpVersion, args.virtualHostUser, int(args.numberOfSites), int(args.ssl), args.sslPath, dkimCheck, openBasedir)
     elif args.function == "deleteVirtualHostConfigurations":
         virtualHostUtilities.deleteVirtualHostConfigurations(args.virtualHostName,int(args.numberOfSites))
     elif args.function == "createDomain":
@@ -1931,7 +2008,14 @@ def main():
             dkimCheck = int(args.dkimCheck)
         except:
             dkimCheck = 0
-        createDomain(args.masterDomain, args.virtualHostName, args.phpVersion, args.path,args.administratorEmail,args.virtualHostUser,args.restart,int(args.numberOfSites),int(args.ssl),dkimCheck)
+
+        try:
+            openBasedir = int(args.openBasedir)
+        except:
+            openBasedir = 0
+
+
+        createDomain(args.masterDomain, args.virtualHostName, args.phpVersion, args.path,args.administratorEmail,args.virtualHostUser,args.restart,int(args.numberOfSites),int(args.ssl),dkimCheck, openBasedir)
     elif args.function == "issueSSL":
         issueSSL(args.virtualHostName,args.path,args.administratorEmail)
     elif args.function == "changePHP":
@@ -1962,6 +2046,8 @@ def main():
         issueAliasSSL(args.masterDomain, args.aliasDomain, args.sslPath, args.administratorEmail)
     elif args.function == 'deleteAlias':
         deleteAlias(args.masterDomain, args.aliasDomain)
+    elif args.function == 'changeOpenBasedir':
+        changeOpenBasedir(args.virtualHostName, args.openBasedirValue)
 
 if __name__ == "__main__":
     main()
\ No newline at end of file
diff --git a/static/images/icons/open_basedir.png b/static/images/icons/open_basedir.png
new file mode 100644
index 0000000000000000000000000000000000000000..2cf48be5337a08edb3ec0e7dd5aef5540b6874e5
GIT binary patch
literal 1741
zcmV;;1~U1HP)<h;3K|Lk000e1NJLTq002M$002M;1^@s6s%dfF00004b3#c}2nYxW
zd<bNS00009a7bBm0005$0005$0rMwy$N&HU8FWQhbW?9;ba!ELWdL_~cP?peYja~^
zaAhuUa%Y?FJQ@H121-dpK~#90?VDX}9Mu)af9KAwV|GJAoY(}M4`EX$kU;ooC0q$a
z<0L2n5hRLKsg)2Qo?68Bhbts2FG(E0w58>N3RQig1tC>5L`s4I$x=c~OA!c2z-yCO
zCYFh9BC^SPy>m|=Y)9C;<DJ>vnRTT6B|rG?x##}RZ|~lj-MLp(m1?N@nRix+@)Cdw
z52bc*I$jMQ5;cG;A3v~CW9Av)0bs#Y^EmLT<m~R=7q$#U=_fJ(O;5bLT8!I{$bCSK
zM_3lszo>O~^*z7wSQNfO1+cpP?In(_Z8PYd3cmp2KD$l`{LLb7xhB(nY}f5$VR<YH
zVEK~=l1axjWwY+!K-X=fo{0om+umI_ZrycYHjC;OkRJo4Opg}yKPqwn?7;=b`RvH9
zwoz3)jjw!ce_c(D)0lQ`-_Ubg(sLy*3gC*T4qj(O{x|h+1{egs0lo#60QEovuoQ6o
z*HxBWU<4SR@-a5$<8q)8s0Fa9*Z1$){PA3gVgU!P1)8V+%9grW#PM1V=9I%E^oDXh
zlsi33lXbD*pCC8<SyhJrp@PnU@?>+k>0xYo7_1xV&|V53fOWCi@6pUD?AcLJ8~Ttz
zR1yHqp2lWQAx<2e8pOmw1gwkN9M~M{X3^|vG@AzR1-t4h4M1)jdwQtSUaF$%EQ0e$
z7XVb-K(%!NK(!52TNeOS+d#E--T@G)?49I!1z^Sc9@gCQI>yOWEa!OxV8!|#8rS!*
z__97)ZhoU;5Y7t#)5T9~@$!CJZmA4}c@JQA@zYv-X@5mN4)Yp-SMk%jxZxNV*O&Jz
z`n&~Dtaw!+^}(H-8oHvaapolezr~LnTUYj2^A13i#lt)U5Owho5dbG%{0Go#6b}&q
zs9$@68}IKSvFx;GjIZJkZ?Aaq5Hf)JH797<`YAQZajyCKha{HfL-1Yv@vB4e7#e_O
zEkm?y`xKGMUxed{EZ5vK6T+(2-l`T4Apuy{GQ^r~pPVaxTIV3trCHV5%c|CtXO1X}
zhmanOG+g}+VhTSCh$pga_~qd_7sjZHhmdB#k-gV3_VqH)*XK*|5E1~JGko#Z^>acf
zBvnJ|@LiD=52XT-;@yHmm@IxfBgd~Q$x^8*T8S}|H(&ie)AtJ@tl|rK&x<J*kj=V-
zv)d%*e^Wy-2&#tOL*cyhg}l#JQ2<l>g1(#CEAH!KFfA_#YK7iI+Zi1QW7^BuTzi_P
z<+BROyI=?1+A<r0TH)xvYeOm?K)r7=ejr}}q(CyMSs2vOIS8YD^&H)|fs<b@51hlV
z6np{jbt9x`3S>r`Nj6~5oD6Kt<_w?z<A%Wfg33t#tSuPlFP(gq*Al;|q*)M|tj+UW
zNWK6VXJRjt`*~-!C(GWY7M3#cnE9ulKwkj9+PU>xRNlzzTzg5W`}{(c3a@{$vu(sr
ztnX`?75!6QqX<r2Q=m&?BvO;_)kD6W_jhjk0QhKjyTp??m#p@iCIZQS`#LxN+i!HR
zw@xWY)?8GFSs30WEs#`S4iX*+KsJ|rO(r)==gC>rh}13)k}eDlWOK>af^-N3V4$n@
ztSj8_^?Gbc)6`55uaGb`j*+_ux?0Z$=@fYN>fgO-KTvp@iNRUaNUVM>5>Et8U6vI2
zb!u1Jhe7+5w0vh0nI{3yefSbj5UXE{vuH&mR|thy`a0WQEv0Ws?gl&VIAffNEhtC4
zqXe_?QeqA3CqEV@q<z`KzY>YDhf3~V&Y7V#kG<QNi`yQc_#;}i*fS&8^e~#soNJC>
zeq+hw10TmG%pFI&HWvNf@1?Tl=h3c>gBp`opu1?W7)-LBSi?GEOMiqcSX9o?DEbF;
zcH*XTiiZlF8j~G6OjG)&&mz)60H~VFAhFt@!<|IszSN$!y+Jz`Qbmu=HMe*FL|xq@
z!mSlcI#cgWpualaxw+uINGS^C++g!l2e%<+C+LO>rThfd-F?YJf7gzVif$AP_26Xl
z(+Ar?9tE}${O(ABeV{L<IyV<zV@gycM`xRV+ueez4+HlC$s*xt;IBCH`_#_1FT?g0
z>EY?s?QbuMYwd%o`Ws;7td|Ew<c|}Q`E!^@WoIk$)8ha?+wp#EAno3b=pz8A{BC8^
jdGo!FTPwE*)~Egt{-Js8VJ`9T00000NkvXXu0mjf$f-jT

literal 0
HcmV?d00001

diff --git a/static/websiteFunctions/websiteFunctions.js b/static/websiteFunctions/websiteFunctions.js
index 95f14d618..e5b7f993b 100644
--- a/static/websiteFunctions/websiteFunctions.js
+++ b/static/websiteFunctions/websiteFunctions.js
@@ -27,6 +27,13 @@ app.controller('createWebsite', function($scope,$http) {
                     var dkimCheck = 0
                 }
 
+                if ($scope.openBasedir === true){
+                    var openBasedir = 1;
+                }
+                else{
+                    var openBasedir = 0
+                }
+
 
                 $("#webSiteCreation").fadeIn();
 
@@ -46,7 +53,8 @@ app.controller('createWebsite', function($scope,$http) {
                     phpSelection: phpSelection,
                     ssl:ssl,
                     websiteOwner:websiteOwner,
-                    dkimCheck:dkimCheck
+                    dkimCheck:dkimCheck,
+                    openBasedir:openBasedir
                 };
 
                 var config = {
@@ -1558,6 +1566,13 @@ app.controller('websitePages', function($scope,$http) {
                     var dkimCheck = 0
                 }
 
+                if ($scope.openBasedir === true){
+                    var openBasedir = 1;
+                }
+                else{
+                    var openBasedir = 0
+                }
+
 
                 url = "/websites/submitDomainCreation";
                 var domainName = $scope.domainNameCreate;
@@ -1576,7 +1591,8 @@ app.controller('websitePages', function($scope,$http) {
                     ssl:ssl,
                     path:path,
                     masterDomain:$("#domainNamePage").text(),
-                    dkimCheck:dkimCheck
+                    dkimCheck:dkimCheck,
+                    openBasedir:openBasedir
                 };
 
                 var config = {
@@ -1645,6 +1661,7 @@ app.controller('websitePages', function($scope,$http) {
     $scope.couldNotConnect = true;
     $scope.domainDeleted = true;
     $scope.sslIssued = true;
+    $scope.childBaseDirChanged = true;
 
     $("#listDomains").hide();
 
@@ -1713,6 +1730,7 @@ app.controller('websitePages', function($scope,$http) {
                 $scope.domainDeleted = true;
                 $scope.sslIssued = true;
                 $scope.domainLoading = false;
+                $scope.childBaseDirChanged = true;
 
                 var url = "/websites/changePHP";
 
@@ -1747,6 +1765,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
 
 
                     }
@@ -1761,6 +1780,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
                     }
 
 
@@ -1776,6 +1796,81 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
+
+                }
+
+    };
+
+    $scope.changeChildBaseDir = function(childDomain,openBasedirValue){
+
+                // notifcations
+
+                $scope.phpChanged = true;
+                $scope.domainError = true;
+                $scope.couldNotConnect = true;
+                $scope.domainDeleted = true;
+                $scope.sslIssued = true;
+                $scope.domainLoading = false;
+                $scope.childBaseDirChanged = true;
+
+
+                var url = "/websites/changeOpenBasedir";
+
+                var data = {
+                    domainName:childDomain,
+                    openBasedirValue:openBasedirValue
+                };
+
+                var config = {
+                    headers : {
+                        'X-CSRFToken': getCookie('csrftoken')
+                    }
+                };
+
+                $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+                function ListInitialDatas(response) {
+
+
+                    if(response.data.changeOpenBasedir === 1){
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = true;
+                        $scope.couldNotConnect = true;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = false;
+
+                    }
+                    else{
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = false;
+                        $scope.couldNotConnect = true;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = true;
+
+                        $scope.errorMessage = response.data.error_message;
+
+                    }
+
+
+                }
+                function cantLoadInitialDatas(response) {
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = true;
+                        $scope.couldNotConnect = false;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = true;
+
 
                 }
 
@@ -1858,7 +1953,7 @@ app.controller('websitePages', function($scope,$http) {
 
                 }
 
-    }
+    };
 
     $scope.issueSSL = function(childDomain,path){
                 $scope.domainLoading = false;
@@ -1870,6 +1965,7 @@ app.controller('websitePages', function($scope,$http) {
                 $scope.couldNotConnect = true;
                 $scope.domainDeleted = true;
                 $scope.sslIssued = true;
+                $scope.childBaseDirChanged = true;
 
                 var url = "/manageSSL/issueSSL";
 
@@ -1891,7 +1987,7 @@ app.controller('websitePages', function($scope,$http) {
                 function ListInitialDatas(response) {
 
 
-                    if(response.data.SSL == 1){
+                    if(response.data.SSL === 1){
 
                         $scope.domainLoading = true;
 
@@ -1902,6 +1998,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = false;
+                        $scope.childBaseDirChanged = true;
 
 
 
@@ -1923,6 +2020,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
 
                     }
 
@@ -1938,6 +2036,7 @@ app.controller('websitePages', function($scope,$http) {
                     $scope.couldNotConnect = false;
                     $scope.domainDeleted = true;
                     $scope.sslIssued = true;
+                    $scope.childBaseDirChanged = true;
 
 
                 }
@@ -1949,6 +2048,90 @@ app.controller('websitePages', function($scope,$http) {
     };
 
 
+    /// Open_basedir protection
+
+    $scope.baseDirLoading = true;
+    $scope.operationFailed = true;
+    $scope.operationSuccessfull = true;
+    $scope.couldNotConnect = true;
+    $scope.openBaseDirBox = true;
+
+
+    $scope.openBaseDirView = function(){
+        $scope.openBaseDirBox = false;
+    };
+
+    $scope.hideOpenBasedir = function () {
+        $scope.openBaseDirBox = true;
+    };
+
+    $scope.applyOpenBasedirChanges = function(childDomain,phpSelection){
+
+                // notifcations
+
+                $scope.baseDirLoading = false;
+                $scope.operationFailed = true;
+                $scope.operationSuccessfull = true;
+                $scope.couldNotConnect = true;
+                $scope.openBaseDirBox = false;
+
+
+                var url = "/websites/changeOpenBasedir";
+
+                var data = {
+                    domainName:$("#domainNamePage").text(),
+                    openBasedirValue:$scope.openBasedirValue
+                };
+
+                var config = {
+                    headers : {
+                        'X-CSRFToken': getCookie('csrftoken')
+                    }
+                };
+
+                $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+                function ListInitialDatas(response) {
+
+
+                    if(response.data.changeOpenBasedir === 1){
+
+                        $scope.baseDirLoading = true;
+                        $scope.operationFailed = true;
+                        $scope.operationSuccessfull = false;
+                        $scope.couldNotConnect = true;
+                        $scope.openBaseDirBox = false;
+
+                    }
+                    else{
+
+                        $scope.baseDirLoading = true;
+                        $scope.operationFailed = false;
+                        $scope.operationSuccessfull = true;
+                        $scope.couldNotConnect = true;
+                        $scope.openBaseDirBox = false;
+
+                        $scope.errorMessage = response.data.error_message;
+
+                    }
+
+
+                }
+                function cantLoadInitialDatas(response) {
+
+                    $scope.baseDirLoading = true;
+                    $scope.operationFailed = true;
+                    $scope.operationSuccessfull = true;
+                    $scope.couldNotConnect = false;
+                    $scope.openBaseDirBox = false;
+
+
+                }
+
+    }
+
+
 
 
 });
diff --git a/websiteFunctions/static/images/icons/open_basedir.png b/websiteFunctions/static/images/icons/open_basedir.png
new file mode 100644
index 0000000000000000000000000000000000000000..2cf48be5337a08edb3ec0e7dd5aef5540b6874e5
GIT binary patch
literal 1741
zcmV;;1~U1HP)<h;3K|Lk000e1NJLTq002M$002M;1^@s6s%dfF00004b3#c}2nYxW
zd<bNS00009a7bBm0005$0005$0rMwy$N&HU8FWQhbW?9;ba!ELWdL_~cP?peYja~^
zaAhuUa%Y?FJQ@H121-dpK~#90?VDX}9Mu)af9KAwV|GJAoY(}M4`EX$kU;ooC0q$a
z<0L2n5hRLKsg)2Qo?68Bhbts2FG(E0w58>N3RQig1tC>5L`s4I$x=c~OA!c2z-yCO
zCYFh9BC^SPy>m|=Y)9C;<DJ>vnRTT6B|rG?x##}RZ|~lj-MLp(m1?N@nRix+@)Cdw
z52bc*I$jMQ5;cG;A3v~CW9Av)0bs#Y^EmLT<m~R=7q$#U=_fJ(O;5bLT8!I{$bCSK
zM_3lszo>O~^*z7wSQNfO1+cpP?In(_Z8PYd3cmp2KD$l`{LLb7xhB(nY}f5$VR<YH
zVEK~=l1axjWwY+!K-X=fo{0om+umI_ZrycYHjC;OkRJo4Opg}yKPqwn?7;=b`RvH9
zwoz3)jjw!ce_c(D)0lQ`-_Ubg(sLy*3gC*T4qj(O{x|h+1{egs0lo#60QEovuoQ6o
z*HxBWU<4SR@-a5$<8q)8s0Fa9*Z1$){PA3gVgU!P1)8V+%9grW#PM1V=9I%E^oDXh
zlsi33lXbD*pCC8<SyhJrp@PnU@?>+k>0xYo7_1xV&|V53fOWCi@6pUD?AcLJ8~Ttz
zR1yHqp2lWQAx<2e8pOmw1gwkN9M~M{X3^|vG@AzR1-t4h4M1)jdwQtSUaF$%EQ0e$
z7XVb-K(%!NK(!52TNeOS+d#E--T@G)?49I!1z^Sc9@gCQI>yOWEa!OxV8!|#8rS!*
z__97)ZhoU;5Y7t#)5T9~@$!CJZmA4}c@JQA@zYv-X@5mN4)Yp-SMk%jxZxNV*O&Jz
z`n&~Dtaw!+^}(H-8oHvaapolezr~LnTUYj2^A13i#lt)U5Owho5dbG%{0Go#6b}&q
zs9$@68}IKSvFx;GjIZJkZ?Aaq5Hf)JH797<`YAQZajyCKha{HfL-1Yv@vB4e7#e_O
zEkm?y`xKGMUxed{EZ5vK6T+(2-l`T4Apuy{GQ^r~pPVaxTIV3trCHV5%c|CtXO1X}
zhmanOG+g}+VhTSCh$pga_~qd_7sjZHhmdB#k-gV3_VqH)*XK*|5E1~JGko#Z^>acf
zBvnJ|@LiD=52XT-;@yHmm@IxfBgd~Q$x^8*T8S}|H(&ie)AtJ@tl|rK&x<J*kj=V-
zv)d%*e^Wy-2&#tOL*cyhg}l#JQ2<l>g1(#CEAH!KFfA_#YK7iI+Zi1QW7^BuTzi_P
z<+BROyI=?1+A<r0TH)xvYeOm?K)r7=ejr}}q(CyMSs2vOIS8YD^&H)|fs<b@51hlV
z6np{jbt9x`3S>r`Nj6~5oD6Kt<_w?z<A%Wfg33t#tSuPlFP(gq*Al;|q*)M|tj+UW
zNWK6VXJRjt`*~-!C(GWY7M3#cnE9ulKwkj9+PU>xRNlzzTzg5W`}{(c3a@{$vu(sr
ztnX`?75!6QqX<r2Q=m&?BvO;_)kD6W_jhjk0QhKjyTp??m#p@iCIZQS`#LxN+i!HR
zw@xWY)?8GFSs30WEs#`S4iX*+KsJ|rO(r)==gC>rh}13)k}eDlWOK>af^-N3V4$n@
ztSj8_^?Gbc)6`55uaGb`j*+_ux?0Z$=@fYN>fgO-KTvp@iNRUaNUVM>5>Et8U6vI2
zb!u1Jhe7+5w0vh0nI{3yefSbj5UXE{vuH&mR|thy`a0WQEv0Ws?gl&VIAffNEhtC4
zqXe_?QeqA3CqEV@q<z`KzY>YDhf3~V&Y7V#kG<QNi`yQc_#;}i*fS&8^e~#soNJC>
zeq+hw10TmG%pFI&HWvNf@1?Tl=h3c>gBp`opu1?W7)-LBSi?GEOMiqcSX9o?DEbF;
zcH*XTiiZlF8j~G6OjG)&&mz)60H~VFAhFt@!<|IszSN$!y+Jz`Qbmu=HMe*FL|xq@
z!mSlcI#cgWpualaxw+uINGS^C++g!l2e%<+C+LO>rThfd-F?YJf7gzVif$AP_26Xl
z(+Ar?9tE}${O(ABeV{L<IyV<zV@gycM`xRV+ueez4+HlC$s*xt;IBCH`_#_1FT?g0
z>EY?s?QbuMYwd%o`Ws;7td|Ew<c|}Q`E!^@WoIk$)8ha?+wp#EAno3b=pz8A{BC8^
jdGo!FTPwE*)~Egt{-Js8VJ`9T00000NkvXXu0mjf$f-jT

literal 0
HcmV?d00001

diff --git a/websiteFunctions/static/websiteFunctions/websiteFunctions.js b/websiteFunctions/static/websiteFunctions/websiteFunctions.js
index 95f14d618..e5b7f993b 100644
--- a/websiteFunctions/static/websiteFunctions/websiteFunctions.js
+++ b/websiteFunctions/static/websiteFunctions/websiteFunctions.js
@@ -27,6 +27,13 @@ app.controller('createWebsite', function($scope,$http) {
                     var dkimCheck = 0
                 }
 
+                if ($scope.openBasedir === true){
+                    var openBasedir = 1;
+                }
+                else{
+                    var openBasedir = 0
+                }
+
 
                 $("#webSiteCreation").fadeIn();
 
@@ -46,7 +53,8 @@ app.controller('createWebsite', function($scope,$http) {
                     phpSelection: phpSelection,
                     ssl:ssl,
                     websiteOwner:websiteOwner,
-                    dkimCheck:dkimCheck
+                    dkimCheck:dkimCheck,
+                    openBasedir:openBasedir
                 };
 
                 var config = {
@@ -1558,6 +1566,13 @@ app.controller('websitePages', function($scope,$http) {
                     var dkimCheck = 0
                 }
 
+                if ($scope.openBasedir === true){
+                    var openBasedir = 1;
+                }
+                else{
+                    var openBasedir = 0
+                }
+
 
                 url = "/websites/submitDomainCreation";
                 var domainName = $scope.domainNameCreate;
@@ -1576,7 +1591,8 @@ app.controller('websitePages', function($scope,$http) {
                     ssl:ssl,
                     path:path,
                     masterDomain:$("#domainNamePage").text(),
-                    dkimCheck:dkimCheck
+                    dkimCheck:dkimCheck,
+                    openBasedir:openBasedir
                 };
 
                 var config = {
@@ -1645,6 +1661,7 @@ app.controller('websitePages', function($scope,$http) {
     $scope.couldNotConnect = true;
     $scope.domainDeleted = true;
     $scope.sslIssued = true;
+    $scope.childBaseDirChanged = true;
 
     $("#listDomains").hide();
 
@@ -1713,6 +1730,7 @@ app.controller('websitePages', function($scope,$http) {
                 $scope.domainDeleted = true;
                 $scope.sslIssued = true;
                 $scope.domainLoading = false;
+                $scope.childBaseDirChanged = true;
 
                 var url = "/websites/changePHP";
 
@@ -1747,6 +1765,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
 
 
                     }
@@ -1761,6 +1780,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
                     }
 
 
@@ -1776,6 +1796,81 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
+
+                }
+
+    };
+
+    $scope.changeChildBaseDir = function(childDomain,openBasedirValue){
+
+                // notifcations
+
+                $scope.phpChanged = true;
+                $scope.domainError = true;
+                $scope.couldNotConnect = true;
+                $scope.domainDeleted = true;
+                $scope.sslIssued = true;
+                $scope.domainLoading = false;
+                $scope.childBaseDirChanged = true;
+
+
+                var url = "/websites/changeOpenBasedir";
+
+                var data = {
+                    domainName:childDomain,
+                    openBasedirValue:openBasedirValue
+                };
+
+                var config = {
+                    headers : {
+                        'X-CSRFToken': getCookie('csrftoken')
+                    }
+                };
+
+                $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+                function ListInitialDatas(response) {
+
+
+                    if(response.data.changeOpenBasedir === 1){
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = true;
+                        $scope.couldNotConnect = true;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = false;
+
+                    }
+                    else{
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = false;
+                        $scope.couldNotConnect = true;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = true;
+
+                        $scope.errorMessage = response.data.error_message;
+
+                    }
+
+
+                }
+                function cantLoadInitialDatas(response) {
+
+                        $scope.phpChanged = true;
+                        $scope.domainError = true;
+                        $scope.couldNotConnect = false;
+                        $scope.domainDeleted = true;
+                        $scope.sslIssued = true;
+                        $scope.domainLoading = true;
+                        $scope.childBaseDirChanged = true;
+
 
                 }
 
@@ -1858,7 +1953,7 @@ app.controller('websitePages', function($scope,$http) {
 
                 }
 
-    }
+    };
 
     $scope.issueSSL = function(childDomain,path){
                 $scope.domainLoading = false;
@@ -1870,6 +1965,7 @@ app.controller('websitePages', function($scope,$http) {
                 $scope.couldNotConnect = true;
                 $scope.domainDeleted = true;
                 $scope.sslIssued = true;
+                $scope.childBaseDirChanged = true;
 
                 var url = "/manageSSL/issueSSL";
 
@@ -1891,7 +1987,7 @@ app.controller('websitePages', function($scope,$http) {
                 function ListInitialDatas(response) {
 
 
-                    if(response.data.SSL == 1){
+                    if(response.data.SSL === 1){
 
                         $scope.domainLoading = true;
 
@@ -1902,6 +1998,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = false;
+                        $scope.childBaseDirChanged = true;
 
 
 
@@ -1923,6 +2020,7 @@ app.controller('websitePages', function($scope,$http) {
                         $scope.couldNotConnect = true;
                         $scope.domainDeleted = true;
                         $scope.sslIssued = true;
+                        $scope.childBaseDirChanged = true;
 
                     }
 
@@ -1938,6 +2036,7 @@ app.controller('websitePages', function($scope,$http) {
                     $scope.couldNotConnect = false;
                     $scope.domainDeleted = true;
                     $scope.sslIssued = true;
+                    $scope.childBaseDirChanged = true;
 
 
                 }
@@ -1949,6 +2048,90 @@ app.controller('websitePages', function($scope,$http) {
     };
 
 
+    /// Open_basedir protection
+
+    $scope.baseDirLoading = true;
+    $scope.operationFailed = true;
+    $scope.operationSuccessfull = true;
+    $scope.couldNotConnect = true;
+    $scope.openBaseDirBox = true;
+
+
+    $scope.openBaseDirView = function(){
+        $scope.openBaseDirBox = false;
+    };
+
+    $scope.hideOpenBasedir = function () {
+        $scope.openBaseDirBox = true;
+    };
+
+    $scope.applyOpenBasedirChanges = function(childDomain,phpSelection){
+
+                // notifcations
+
+                $scope.baseDirLoading = false;
+                $scope.operationFailed = true;
+                $scope.operationSuccessfull = true;
+                $scope.couldNotConnect = true;
+                $scope.openBaseDirBox = false;
+
+
+                var url = "/websites/changeOpenBasedir";
+
+                var data = {
+                    domainName:$("#domainNamePage").text(),
+                    openBasedirValue:$scope.openBasedirValue
+                };
+
+                var config = {
+                    headers : {
+                        'X-CSRFToken': getCookie('csrftoken')
+                    }
+                };
+
+                $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+                function ListInitialDatas(response) {
+
+
+                    if(response.data.changeOpenBasedir === 1){
+
+                        $scope.baseDirLoading = true;
+                        $scope.operationFailed = true;
+                        $scope.operationSuccessfull = false;
+                        $scope.couldNotConnect = true;
+                        $scope.openBaseDirBox = false;
+
+                    }
+                    else{
+
+                        $scope.baseDirLoading = true;
+                        $scope.operationFailed = false;
+                        $scope.operationSuccessfull = true;
+                        $scope.couldNotConnect = true;
+                        $scope.openBaseDirBox = false;
+
+                        $scope.errorMessage = response.data.error_message;
+
+                    }
+
+
+                }
+                function cantLoadInitialDatas(response) {
+
+                    $scope.baseDirLoading = true;
+                    $scope.operationFailed = true;
+                    $scope.operationSuccessfull = true;
+                    $scope.couldNotConnect = false;
+                    $scope.openBaseDirBox = false;
+
+
+                }
+
+    }
+
+
 
 
 });
diff --git a/websiteFunctions/templates/websiteFunctions/createWebsite.html b/websiteFunctions/templates/websiteFunctions/createWebsite.html
index afdf9e12d..66ceb257a 100644
--- a/websiteFunctions/templates/websiteFunctions/createWebsite.html
+++ b/websiteFunctions/templates/websiteFunctions/createWebsite.html
@@ -100,6 +100,15 @@
                             </label>
                         </div>
                     </div>
+                    <label class="col-sm-3 control-label"></label>
+                    <div class="col-sm-9">
+                        <div class="checkbox">
+                            <label>
+                                <input ng-model="openBasedir" type="checkbox" value="">
+                                open_basedir Protection
+                            </label>
+                        </div>
+                    </div>
                 </div>
 
 
diff --git a/websiteFunctions/templates/websiteFunctions/website.html b/websiteFunctions/templates/websiteFunctions/website.html
index 3d0fe068d..7e6be632f 100644
--- a/websiteFunctions/templates/websiteFunctions/website.html
+++ b/websiteFunctions/templates/websiteFunctions/website.html
@@ -365,6 +365,15 @@
                                      </label>
                                  </div>
                              </div>
+                             <label class="col-sm-3 control-label"></label>
+                             <div class="col-sm-9">
+                                 <div class="checkbox">
+                                     <label>
+                                         <input ng-model="openBasedir" type="checkbox" value="">
+                                         open_basedir Protection
+                                     </label>
+                                 </div>
+                             </div>
                         </div>
 
 
@@ -424,6 +433,10 @@
                                     <p>{% trans "SSL Issued:" %} {$ sslDomainIssued $} </p>
                                 </div>
 
+                                <div ng-hide="childBaseDirChanged" class="alert alert-success">
+                                    <p>{% trans "Changes applied successfully." %} </p>
+                                </div>
+
 
                                 <div ng-hide="domainError" class="alert alert-danger">
                                     <p>{$ errorMessage $}</p>
@@ -457,6 +470,7 @@
                                         <tr>
                                             <th>Domain</th>
                                             <th>Path</th>
+                                            <th>open_basedir</th>
                                             <th>PHP</th>
                                             <th>SSL</th>
                                             <th>Delete</th>
@@ -466,6 +480,12 @@
                                         <tr ng-repeat="record in childDomains | filter:logSearch">
                                             <td ng-bind="record.childDomain"></td>
                                             <td ng-bind="record.path"></td>
+                                            <td >
+                                                <select ng-change="changeChildBaseDir(record.childDomain,childBaseDir)" ng-model="childBaseDir" class="form-control">
+                                                    <option>Enable</option>
+                                                    <option>Disable</option>
+                                                </select>
+                                            </td>
                                             <td >
                                                 <select ng-change="changePHP(record.childDomain,phpSelection)" ng-model="phpSelection" class="form-control">
                                                     <option>PHP 5.3</option>
@@ -488,10 +508,6 @@
 
                         </form>
 
-
-
-
-
                     </div>
 
                  <!---------- HTML For Listing domains --------------->
@@ -798,7 +814,7 @@
             <div class="content-box-wrapper">
                 <div class="row">
 
-                    <div class="col-md-4" style="margin-bottom: 2%;">
+                    <div class="col-md-3" style="margin-bottom: 2%;">
 
                                 <a href="{$ fileManagerURL $}" target="_blank" title="{% trans 'File Manager' %}">
                                     <img  src="{% static 'images/icons/office-material.png'  %}">
@@ -809,8 +825,19 @@
 
                     </div>
 
+                    <div class="col-md-3" style="margin-bottom: 2%;">
 
-                    <div class="col-md-4" style="margin-bottom: 2%;">
+                                <a ng-click="openBaseDirView()" href="" title="{% trans 'open_basedir Protection' %}">
+                                    <img  src="{% static 'images/icons/open_basedir.png'  %}">
+                                </a>
+                                <a ng-click="openBaseDirView()" href="" title="{% trans 'open_basedir Protection' %}">
+                                    <span style='font-size: 21px;font-family: "Times New Roman", Times, serif; padding-left: 2%'>{% trans "open_basedir" %}</span>
+                                </a>
+
+                    </div>
+
+
+                    <div class="col-md-3" style="margin-bottom: 2%;">
 
                                 <a  href="{% url 'createFTPAccount' %}" title="{% trans 'Create FTP Account' %}">
                                     <img  src="{% static 'images/icons/ftp-upload.png'  %}">
@@ -822,7 +849,7 @@
                     </div>
 
 
-                    <div class="col-md-4" style="margin-bottom: 2%;">
+                    <div class="col-md-3" style="margin-bottom: 2%;">
 
                                 <a  href="{% url 'deleteFTPAccount' %}" title="{% trans 'Delete FTP Account' %}">
                                     <img  src="{% static 'images/icons/delete-ftp.png'  %}">
@@ -834,6 +861,64 @@
                             </div>
 
 
+                    <!--- HTML To change open_basedir --->
+
+                    <div ng-hide="openBaseDirBox" class="col-md-12">
+
+                        <form  action="/" class="form-horizontal bordered-row">
+
+                            <div class="form-group">
+                                            <label class="col-sm-3 control-label">{% trans "open_basedir Protection" %}</label>
+                                            <div class="col-sm-6">
+                                                <select ng-model="openBasedirValue" class="form-control">
+                                                        <option>Enable</option>
+                                                        <option>Disable</option>
+                                                </select>
+                                            </div>
+
+                                            <div ng-hide="baseDirLoading" style="margin-bottom: 1%;"  class=" col-sm-1">
+                                                <img src="{% static 'images/loading.gif' %}">
+                                            </div>
+
+                                            <div style="margin-bottom: 2%;"  class=" col-sm-1">
+                                                <a title="{% trans 'Cancel' %}" ng-click="hideOpenBasedir()" href=""><img src="/static/images/close-32.png"></a>
+                                            </div>
+
+                                         </div>
+
+
+                            <div class="form-group">
+                                            <label class="col-sm-3 control-label"></label>
+                                            <div class="col-sm-4">
+                                                 <button type="button" ng-click="applyOpenBasedirChanges()" class="btn btn-primary btn-lg btn-block">{% trans "Apply Changes" %}</button>
+                                            </div>
+                            </div>
+                            <div class="form-group">
+
+                                            <label class="col-sm-3 control-label"></label>
+                                            <div class="col-sm-4">
+                                                    <div ng-hide="operationFailed" class="alert alert-danger">
+                                                                <p>{% trans "Error message:" %} {$ errorMessage $} </p>
+                                                    </div>
+
+                                                     <div ng-hide="operationSuccessfull" class="alert alert-success">
+                                                        <p>{% trans "Changes successfully saved." %}</p>
+                                                    </div>
+
+                                                    <div ng-hide="couldNotConnect" class="alert alert-danger">
+                                                        <p>{% trans "Could not connect to server. Please refresh this page." %}</p>
+                                                    </div>
+                                            </div>
+
+                            </div>
+
+
+                        </form>
+                    </div>
+
+                    <!--- HTML To change open_basedir --->
+
+
 
                 </div>
             </div>
diff --git a/websiteFunctions/urls.py b/websiteFunctions/urls.py
index 743452cff..aee3c05eb 100644
--- a/websiteFunctions/urls.py
+++ b/websiteFunctions/urls.py
@@ -74,4 +74,9 @@ urlpatterns = [
     url(r'^issueAliasSSL',views.issueAliasSSL,name="issueAliasSSL"),
     url(r'^delateAlias',views.delateAlias,name="delateAlias"),
 
+
+    ## Openbasedir
+    url(r'^changeOpenBasedir$',views.changeOpenBasedir,name="changeOpenBasedir"),
+
+
 ]
\ No newline at end of file
diff --git a/websiteFunctions/views.py b/websiteFunctions/views.py
index fbc987350..4fa13c96d 100644
--- a/websiteFunctions/views.py
+++ b/websiteFunctions/views.py
@@ -587,7 +587,7 @@ def submitWebsiteCreation(request):
             execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py"
 
             execPath = execPath + " createVirtualHost --virtualHostName " + domain + " --administratorEmail " + adminEmail + " --phpVersion '" + phpSelection + "' --virtualHostUser " + externalApp + " --numberOfSites " + numberOfWebsites + " --ssl " + str(
-                data['ssl']) + " --sslPath " + sslpath + " --dkimCheck " + str(data['dkimCheck'])
+                data['ssl']) + " --sslPath " + sslpath + " --dkimCheck " + str(data['dkimCheck']) + " --openBasedir " + str(data['openBasedir'])
 
 
             output = subprocess.check_output(shlex.split(execPath))
@@ -700,7 +700,7 @@ def submitDomainCreation(request):
             execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py"
 
             execPath = execPath + " createDomain --masterDomain " + masterDomain + " --virtualHostName " + domain + " --administratorEmail " + master.adminEmail + " --phpVersion '" + phpSelection + "' --virtualHostUser " + externalApp + " --numberOfSites " + numberOfWebsites + " --ssl " + str(
-                data['ssl']) + " --path " + path + " --dkimCheck " + str(data['dkimCheck'])
+                data['ssl']) + " --path " + path + " --dkimCheck " + str(data['dkimCheck']) + " --openBasedir " + str(data['openBasedir'])
 
             output = subprocess.check_output(shlex.split(execPath))
 
@@ -1952,7 +1952,6 @@ def changePHP(request):
         json_data = json.dumps(data_ret)
         return HttpResponse(json_data)
 
-
 def CreateWebsiteFromBackup(request):
     try:
         if request.method == 'POST':
@@ -2812,4 +2811,45 @@ def delateAlias(request):
     except BaseException, msg:
         data_ret = {'deleteAlias': 0, 'error_message': str(msg), "existsStatus": 0}
         json_data = json.dumps(data_ret)
+        return HttpResponse(json_data)
+
+
+def changeOpenBasedir(request):
+    try:
+        val = request.session['userID']
+        try:
+            if request.method == 'POST':
+
+                data = json.loads(request.body)
+                domainName = data['domainName']
+                openBasedirValue = data['openBasedirValue']
+
+                execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py"
+
+                execPath = execPath + " changeOpenBasedir --virtualHostName '" + domainName + "' --openBasedirValue " + openBasedirValue
+
+
+                output = subprocess.check_output(shlex.split(execPath))
+
+                if output.find("1,None") > -1:
+                    pass
+                else:
+                    data_ret = {'changeOpenBasedir': 0, 'error_message': output}
+                    json_data = json.dumps(data_ret)
+                    return HttpResponse(json_data)
+
+
+
+                data_ret = {'changeOpenBasedir': 1,'error_message': "None"}
+                json_data = json.dumps(data_ret)
+                return HttpResponse(json_data)
+
+        except BaseException,msg:
+            data_ret = {'changeOpenBasedir': 0, 'error_message': str(msg)}
+            json_data = json.dumps(data_ret)
+            return HttpResponse(json_data)
+
+    except KeyError,msg:
+        data_ret = {'changeOpenBasedir': 0, 'error_message': str(msg)}
+        json_data = json.dumps(data_ret)
         return HttpResponse(json_data)
\ No newline at end of file