Wrong file change warning emails. Possible bug in class-itsec-file-change.php

I’ve been getting wrong file change warning emails for a while. As in… no files have actually been changed. The email report ALL files as Files Added, not just from that WordPress install, but from the root (there are 3 WP installs)

I looked in the error_log file and stumbled upon entries like these:

[05-Sep-2014 07:36:32 UTC] PHP Warning: opendir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/home/eurotr:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp) in /home/eurotr/public_html/eurotrainer/wordpress/wp-content/plugins/better-wp-security/modules/free/file-change/class-itsec-file-change.php on line 452

[05-Sep-2014 07:36:32 UTC] PHP Warning: opendir(/): failed to open dir: Operation not permitted in /home/eurotr/public_html/eurotrainer/wordpress/wp-content/plugins/better-wp-security/modules/free/file-change/class-itsec-file-change.php on line 452

Line 452 is:

if ( $directory_handle = opendir(ITSEC_Lib::get_home_path() . $clean_path ) ) { //get the directory

I’m thinking this may have something to do with the file change warnings.

https://wordpress.org/plugins/better-wp-security/