I have tested "Gallery 3" enabling/disabling open_basedir and found that enabling open_basedir slows down "Gallery 3" CMS.
For my website, the score for Time To First Byte (TTFB) was 'F' when I enabled open_basedir and it was 'A' when I disabled open_basedir. That's a huge improvement. So, I would recommend disabling open_basedir completely. Even if you enable open_basedir, the attack is still possible.
To disable open_basedir, open your php.ini file and comment out the line containing open_basedir.
;open_basedir =
Also, make sure that "exec" and "shell_exec" are not listed in disable_functions. Graphics library "GD" or ImageMagick needs them.
disable_functions =
If you do not want to disable open_basedir, you need to do the following:
- Find the path to ImageMagick and add that path to open_basedir in php.ini.
- Log into "Gallery 3" as admin and update the value of variable graphics_toolkit_path (admin->settings->advanced -> gallery graphics_toolkit_path) with the path to ImageMagick.