Re: Permissions for LAMP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sat, 2014-01-25 at 08:32 -0500, Steven Tardy wrote:

> the problem with your /var/www/html permissions is the user/group "apache"
> can write to directories and files. which can be used by anyone on the
> internet(bad guys) to use potentially exploitable dynamic
> pages(.php/.cgi/etc) to add/modify files on your server. this is a bad
> thing. SELinux may offer some protections.
> i would:
>   chmod -R g-w /var/www/html
>   chown -R somewebuser /var/www/html
> (replace somewebuser with the unix user account to modify the website.)
> 
>   http://wiki.apache.org/httpd/FileSystemPermissions

On my setup I have all web pages in a special root directory

/data/web/do/domain-name/sub-domain-name/files .....

with a non-standard user having rw-r-r 

Apache can't write to anything except

/data/web/logs/

I have self-created web site defences which, instantly after the first
hacking attempt, block the hacker's IP address. I am not giving hackers
unlimited opportunities to continuing trying to break-in.


-- 
Paul.
England,
EU.

   Our systems are exclusively Linux. No Micro$oft Windoze here.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux