I have been having some problems setting up my webserver.
I have installed apache2
and I'm trying to setup the web folder permissions.
Right now all my pages are stored in /var/www
and then a folder named after the vhost, ex: /var/www/www.example.com
The owner of the folder is root:root
and then via acl
I added my user (xeroxer:xeroxer
), the vsftpd
) and the apache2
) with rwx
This setup works for my user since I get acccess to all the files with all permissions, so via ssh
I can edit all the sites content.
user is setup so a user with the name www.example.com
is created with the dir /var/www/$USER
This makes the vsftpd
user unique for every vhost and the vsftpd
user has full permission over the folders and files.
Now to the problem:
user is used for every vhost and the permissions is maxed out. With makes the problem with the page www.example.com
can access the files for www.example2.com
because it has full permission for those files to.
It also creates the problem with making files not writable, as in config files. Because the acl
permissions is set to rwx
the user always has full access, and if you configure the chmod
as the vsftpd
user no changes are made for the www-data
Now I don't know the best web setup for this but many webhosts seem to make it work.
The only way I can think of is for every vhost you create a server user with a homedir:
Then you somehow make it so that the webserver uses the user permissions (www.example.com:www-data
) for that folder.
And somehow you also configure the vsftpd
user to be www.example.com
with the exact same permissions as the apache2
I don't know if this is possible or if it's a good solutions, just the only way I could think of right now.
Maybe someone knows a good setup to use for my webserver or agree that this is a good setup and can help me solve the remaining problems.
Right now all my configuration is stored in files and maybe someone has some ideas on how to store it in a mysql
database instead, making it so much easier to control via a webpanel.
Thanks in advance...