They said NO!

Hello, my name is Gonzalo, and just downloaded the latest version of Dolphin.

But in install process the script asks me for open_basedir to be turned to off.

I asked my hosting and they said that there's no way they will do it, because it's too much of a security issue. That doing that will leave my server open to lots of exploits and all kind of crap.

Basically they said it's crazy, and there's NO SINGLE REASON why a script would ask for that.

Then a iwent to a couple of very well know technical forums especialized in hosting and they said the same thing, that nobody should ever have open_basedir set to off.

So, is Dolphin an insecure script that has strong security issues?

Thanks in advance for your help guys.

I would guess that your host doesn't support the script.  The dolphin script is not really the security issue, it's mostly your server and that you install dolphin correctly.

No it's not what you say.

I uploaded the script and got the same error messages lots of people gets about open_basedir

When i asked the hosting they said that they can do it but they will not do it because is too much of a security risk.

To set open_basedir to off is very dangerous. That's what they said.

Then i went to specializad security forums and they said the same thing. Thay even asked if people who use the script with that server configuration aren't having hacking problems and i said i have seen several in the forums and they said it's because of having open_basedir set to off.

Have you read this?

http://www.boonex.com/trac/dolphin/wiki/DolTech

By any chance, are you trying to run Dolphin on one of those free hosting accounts? 

Yes houstonlively, i have read that, and by no chance i'm trying to install dolphin in a free server.

I have all that, the only thing they would not do i to set open_basedir to off. They say it's too much of a security risk.

Can you look at header.inc.php, at about line 56 and post it?  It should look something like this:

$dir['root']               = "/home/xxxxxx/public_html/";

Don't have a header.inc.php in the inc folder

where is that file supposed to be?

It's in the inc subdirectory

Nope, i don't have it.

And i didn't do anything, just uploaded the script and uploaded to my server.

The file is not there

NM... I guess that file get written during the installation.

Time to change hosts to one that supports this script.

OK, i will have to do that.

I'm a little bit concerned though.

Everywhere people say having open_basedir set to off is too dangerous.

Any idea why the script would request that? Is very dangerous!

here dolhin-root/inc/header.inc.php

Try a new installation and if this doesn't work and you have the info you need then create one. But this is difficult if you don't know.

Change the host. I'm with HFW and I'm absolutely happy. You get all you need and a real great support.

Enjoy and have fun :-)

Sometimes you just have to live life on the edge, and set open_basedir to off.

You have two choices:

1. Don't use Dolphin ....or

2. Move to a server that supports this script.  There are lots of them.

Boonex is not going to rewrite Dolphin code just because some hosts won't allow certain configurations.  If your hosting company won't work with you on this, is time to move...period.

Well, i already made my millionary donation, so i will have to getme a dedicated server...

 Send a PM to this guy.  He'll fix you up.

  http://www.boonex.com/unity/DosDawg