- Plesk for Linux
- Plesk for Windows
Is it safe to set value of
open_basedir PHP parameter to
none in Domains > example.com > PHP Settings since some popular WordPress plugins require this option?
It is possible to do that, however, there is always a risk for code to be compromised, which will lead to the bigger damage if
open_basedir parameter is set to
none instead of webspace root.
Refer to the OWASP (Open Web Application Security Project) documentation for more PHP security advise: https://www.owasp.org/index.php/PHP_Top_5