I have a server at DigitalOcean with Ubuntu, CyberPanel, and OpenLiteSpeed, and wanted one of my websites to display an auto index of all the files uploaded to it.
There is a
default.php script in
/usr/local/lsws/share/autoindex that simulates Apache’s auto index, which suffices for my needs, but if you don’t want to use the default, you could copy and edit
default.php to create your own template.
Now, to enable and use this auto index, you have to adjust the
index directive in your website’s virtual host configuration file:
indexFiles index.php, index.html
- Enable useServer to use the server’s index file settings
- Enable autoIndex to generate a directory index on the fly
1, I was getting a 404 page when visiting the site, which makes sense, because there was no
index.html in the website’s root to load a front page. That said, after enabling
autoIndex, it displayed a 500 page, so while that did something, it still wasn’t working.
After a quick chat with the GoLiteSpeed support team on Slack, they prompted me to check the
open_basedir setting. If this protection is turned on, it limits the files that can be accessed by PHP to only your website’s directory. As it turns out, that protection was turned on:
php_admin_value open_basedir "/tmp:$VH_ROOT"
You could remove that directive, i.e. disable the protection, and your auto index would now work perfectly fine, but I’d rather not allow a website to just run any PHP script located anywhere on the server.
Fortunately, the solution is quite simple: just add the path of the default auto index script to the list of paths to exempt that script from the protection:
php_admin_value open_basedir "/tmp:/usr/local/lsws/share/autoindex:$VH_ROOT"
Upon save, OpenLiteSpeed should be gracefully reloaded, and your auto index should be displayed on your website.
Featured image by Kelly Sikkema.