News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

Proper apache+php regular user owner+permission setup + smf?

Started by luuuciano, July 28, 2014, 01:35:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

luuuciano

July 28, 2014, 01:35:53 PM Last Edit: July 28, 2014, 01:46:43 PM by luuuciano
A few days ago I have reinstalled our server... this time I wanted to have the site files in an user path (to not use root, access it by sftp using the regular user account, etc)
So... our paths looks like:

/home/username/http/forum.com/

The thing is... that apache uses http:http (user:group), so... I had to chown ~/http/* to it... to be able to install mods, etc...

But... there is any way to have all those files as username:username? **
To be able to upload files without having to chown http:http <-> username:username all the time... and editable by the user, etc...

You know, like in every server well configured... lol


** and smf continue being able to install mods, etc... it is like apache using a mask as the username? how do it all those shared hosting that has a lot of users inside?? (just to give an example of several usernames, multiple apache virtualhosts, etc)
No me agradan los foros que no te dejan borrar TU PROPIO usuario, como por ejemplo smfsimple.com.
E incluso te mandan emails no solicitados, de los cuales, quizá, no puedas escapar porque NO te dejan posibilidad a deshabilitarlos (a menos que NO te tengan en su lista negra).

青山 素子

#1
July 29, 2014, 04:13:06 AM
Yes, and it depends on how you configure the server. You could use virtual FTP users that map to the web user. You could use something like suexec to keep ownership the same across how PHP is being run and FTP users, or you could use one of many other tricks.

How is the server currently configured? Any control panel?

Most commercial control panels either use a tool like suexec, suphp, or do the virtual mapping of FTP users. Some just don't handle it at all.

For my personal servers, and servers I set up for clients, I tend to use suexec as it's more secure in my experience. It does require more configuration, however.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

luuuciano

#2
July 29, 2014, 07:54:36 AM
Thanks a lot for the information 青山 素子!
We are using a VPS unmanaged, lol... so, will start reading about suexec :)
No me agradan los foros que no te dejan borrar TU PROPIO usuario, como por ejemplo smfsimple.com.
E incluso te mandan emails no solicitados, de los cuales, quizá, no puedas escapar porque NO te dejan posibilidad a deshabilitarlos (a menos que NO te tengan en su lista negra).

青山 素子

#3
July 29, 2014, 08:12:19 PM
Since it's unmanaged, make sure you have someone knowledgable who can help you out if you aren't familiar with managing servers. Having a publicly accessible server makes you a target for all kinds of automated attacks, so always try to be safe and remember to keep backups!

I'd be happy to share details of my suexec configuration if you'd like.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

Print
Go Up Pages1
User actions
Advertisement: