In addition to Martin’s link to make git actually functional, those warnings are showing because you have display_errors turned on in your php.ini. On a production server, it is recommended that display_errors is off and that error logs are used instead. This prevents warnings and fatal errors from leaking info to site visitors.
Regards, Ryan Schmidt > On Dec 23, 2018, at 4:08 PM, Martin Urbanec <martin.urba...@wikimedia.cz> > wrote: > > Hey, > > have a look at > https://www.mediawiki.org/w/index.php?title=Topic:Tbb9vyeslb873e9n&topic_showPostId=tbbefgxuarr3xzsv#flow-post-tbbefgxuarr3xzsv > . This post should help you. > > Best, > Martin > > ne 23. 12. 2018 v 23:55 odesĂlatel Jeffrey Walton <noloa...@gmail.com> > napsal: > >> Hi Everyone, >> >> A while back we applied hardening per >> http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html >> . Our php.ini includes the following: >> >> ;; #15 Limit PHP Access To File System >> ;; Allows recursive descent >> open_basedir="/var/www/html/:/var/lib/php/" >> >> When (1) the cache is stale, and (2) we run Special:Version, then part >> of our security configuration is provided: >> https://cryptopp.com/special-version.png >> >> Is there any way to close that hole? >> >> I'm OK with allowing Git to run, but I don't know how to do it short >> of opening up /usr/bin to the web server. >> >> Thanks in advance. >> >> _______________________________________________ >> MediaWiki-l mailing list >> To unsubscribe, go to: >> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l >> > _______________________________________________ > MediaWiki-l mailing list > To unsubscribe, go to: > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
