I'm running an application on a VPS under Ubuntu 13.10 nginx and php5-fpm, The webserver has been set up very carefully following the best security practices. The app was written and tested to avoid any kind of injection, users input data is filtered, and they are not allowed to upload files either there is no upload form in the application, so even though the server was configured with strong restrictions and permissions only for users reading from, also a PHP directive open_basedir was set for tighten security and the default value is:
open_basedir = /var/domain.com/public_html:/dev/urandom
Things it's going smoothly, but I've been watching php-fpm logs file and seeing quite often the following error:
EDIT: added missing File upload error information from the log file:
PHP Warning: File upload error - unable to create a temporary file in Unknown on line 0
PHP Warning: Unknown: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/var/www/domain.com/:/dev/urandom/) in Unknown on line 0
My doubt where is this coming from? The error did not point the file name either request details like IP etc,
Is my app or server compromised? or someone else faking an upload form and trying to upload files to the server, AFAIK its not possible as I have check it out and none files has been modified in computer files system.
As I'm very concerned about server security I can not figured that out! does anyone experienced this problem?