The correct/secure way to setup a webserver?
 

I create users so they can ftp onto the server into their /home/users/username folders. I will setup apache to see each vhost in each of the folders

Example

www.example.com would be

/home/users/wwwexamplecom/www

They could login with proftp to upload their documents. Jailed to their home folder.

My only problem is allowing apache to read from their document without compromising security. How would enable apache (httpd user on my Trustix setup) to be able to read from these folders? Currently getting the typical 403 errors.

httpd must have read access to the files of each user.

Users cant write some php script then to access someone elses directory?

useradd -g users wwwexamplecom

chown -R wwwexamplecom:users /home/users/wwwexamplecom

chmod 755 /home/users/wwwexamplecom

That look ok?

I've had this problem too. The way ]SK[ has it set up, it'd allow all users to read files on another's webspace (configuration PHP files, etc).

I'm still not sure how to do this, but that method won't protect users from each other.

*Watches this topic, maybe I'll learn something*

Edit: Changed `webserver` to `webspace`, oops.

Well I got these permissions from http://www.siliconvalleyccie.com/lin...pachebasic.htm

They state to do it this way too. I just want to be sure they cant just use php to see/access others websites?

We surly must have some webhosts here? How are you doing it?