Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 05-20-2011, 08:37 PM   #1
LQ Newbie
Registered: May 2011
Posts: 5

Rep: Reputation: Disabled
Permissions for an apache webserver


I'm running my own Debian 6.0 server. I have used the following guide for setting the system up (did not install ispconfig):

A short summary:
Apache 2.2.16, Postfix mail server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, Fail2ban, MySQL.

For the handling of homepages I use the apache directive in virtual.conf.

However I'm not quite sure, what to do with permissions. My ftp-users (virtual and chrooted) are all running as user 'ftpuser' as a member of 'ftpgroup'.

My current setup is as follows:

/var/www/ drwxrwxr-x root root
/var/www/ drwxr-xr-x ftpuser ftpgroup
/var/www/ -rw-r--r-- ftpuser ftpgroup

Currently it isn't possible for PHP to create new files in directory "", only for the ftp users. I would like both to be able to do so.
With security in mind, is it okay, to make apache a part of the 'ftpgroup', which would give apache access to all domains?

Do you have any other suggestions for improving security?

Best regards
Old 05-21-2011, 03:32 AM   #2
Registered: Oct 2006
Location: Slovak Republic
Distribution: Slackware 14.2, current
Posts: 425

Rep: Reputation: 56
There is a very good thread about this issue. Especially the post of NominalAnimal.

Last edited by hua; 05-21-2011 at 03:34 AM.


access, apache2, debian, permissions, server

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Lack basic understanding of permissions(apache permissions problem) cK` Linux - Newbie 7 04-08-2010 11:49 PM
Apache Webserver on Slackware - Failed to Start Apache - 'no listening sockets .." CCTVGuru Linux - Server 4 10-11-2009 01:14 AM
Apache webserver Help.. co_macho Mandriva 5 02-26-2006 10:22 PM
Apache Webserver 403 Forbidden Errors (User not in apache group?) Mankind75 Mandriva 4 07-08-2004 05:30 AM
Apache webserver trusouthrnplaya Linux - Networking 1 03-30-2003 11:34 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:05 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration