I can't zip symbolic linked files with PHP

Question

I have a cPanel Linux server running LiteSpeed ​​Web Server. There are constant photo uploads on a hosting on this server. However, the site is growing a little more every day and I am having problems with backups.

I thought of moving the photos from previous years to a location outside the hosting area and preventing unnecessary backups every day. I created a folder outside and gave access from the hosting area with a symbolic link. There is no problem on the web server side. The photos are displayed on the site.

However, sometimes users want to create a report and download old files as a zip. I cannot include files accessed with a symbolic link in a zip with PHP.

I tried running zip with exec instead of PHP's zip function. I added open_basedir to php.ini. I added "Options +FollowSymLinks +SymLinksIfOwnerMatch" to .htaccess.

However, I could not succeed.

Is it possible to do something like this without compromising the security of the server?

My PHP code:

$zip = new ZipArchive();
$zip->open("test.zip", ZipArchive::CREATE);

$zip->addFile('/home/mysite/public_html/files/photo1.jpg', 'photo1.jpg');
$zip->addFile('/home/mysite/public_html/myPhotos/photo2.jpg', 'photo2.jpg');
$zip->addFile('/backup/myPhotos/photo3.jpg', 'photo3.jpg');

$zip->close();

When I run this code, the only file in the zip file is the photo1.jpg file under the files folder, which is a real folder.

/home/mysite/public_html/files is a real folder

/home/mysite/public_html/myPhotos/ is a symbolic link from /backup/myPhotos.

Answer 1

I'm trying to solve the problem with PHP, but cPanel has a solution for this problem.

If I want, I can exclude certain folders from backup.

"To exclude files or directories from an individual user’s backups, add the desired paths (relative to the user’s home directory) to the cpbackup-exclude.conf file in the user’s home directory, with one entry per line."

https://docs.cpanel.net/knowledge-base/backup/how-to-exclude-files-from-backups/