I have 3 Joomla sites installed in one Joomla-specific EC2 instance on AWS. I run RSFirewall (https://www.rsjoomla.com/joomla-extensions/joomla-security.html) on all 3, and the scanner complains that
open_basedir is not used. I did some research on the use of
open_basedir in Joomla:
I like the idea of it, but with 3 sites set up here:
I am not sure where I would tell PHP not to go!
Given that you constructed the Joomla LAMP stack for us, do you have any suggestions? How big a security risk is the lack of use of this parameter anyway?