Thanks Mark. On 10/17/12, Mark Montague <mark@xxxxxxxxxxx> wrote: > Also, are you sure you have no home directory for the user "apache"? On > CentOS systems, if you check in the sixth field of the /etc/passwd entry > for user "apache", you should see a home directory of /var/www Yes, you are right. > For the ssh key, it is important to keep it secure. Anyone who gets > this key can use it to log in to any system that trusts the key. So it > is best to have the key be single-purpose, used only for your PHP web > application and not for anything else. If the key already exists (that > is, it was not created just for the use of this PHP web application) and > is owned by another user, then that is not great and by letting the user > "apache" read (a copy of) the key you may be doing something dangerous. The key is only used by PHP web application, so the apache owns that key. > it would be very bad if your DocumentRoot were /var/www for some reason, > as you'd then be making your ssh key available to anyone who could > access your web site). Are you saying that the apache home directory is in /var/www which cannot be changed, but the DocumentRoot should be changed to any other directory other than /var/www? The DocumentRoot should not be the same directory as the apache home directory for the security reason. Thank you. Kind regards. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|