Question

I have a web application wrote in php , working with Apache in a Linux server, the problem is that this server can be access by many users, what I want to do is , restrict the htdocs folders without broke the permissions that need Apache in order to display the web application. My idea is something like this:

User Administrator (is in the sudo group, and in administrator group) Have access to htdocs.

User Deb (is in the sudo group,and in standard group) No have access to htdocs

By access I mean, copy and modify, the php files.

Was it helpful?

Solution

In most Linux distributions Apache is run under a specific user, for example apache under Red Hat and www-data under Debian and Ubuntu. The root user and every user in the sudo have access to all files on the file system. Combining these gives you your solution: change the owner of the htdocs directory to the user under which the server is run and change the rights on the htdocs directory to 0700. So:

$ cd /[path to parent dir of htdocs]/
$ chown <apache user>:<apache group> htdocs
$ chmod 0700 htdocs

This way only the apache server user, root and users in the sudo group have access to the htdocs directory.

OTHER TIPS

You can set the htdocs folders to be readable only by group www-data and add users who are allowed to do changes ther into the www-data group.

drwxrwx--- www-data www-data vhosts/
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top