> My situation before was: > /var/www/html -> owned by apache:apache BAD, apache don't need to own this directory, only to read it Very common way to decrease security. (perhaps it may need to be able to write in some sub-directory, e.g. upload, temp, cache, ...) > httpd -> running as apache:apache > php-fpm -> running as apache:apache So default configuration > Switching to nginx, I had to : > /var/www/html -> chown nginx:nginx > php-fpm running -> as nginx:nginx Why do you think to have to change php-fpm user ? It run using apache account by default, especially for packaged web-app which rely on this. nginx only need to be able to read (for static assets) and the fpm socket have needed permissions for nginx In fedora, 3 configurations are designed works out of the box httpd + mod_php (default in Fedora < 27) httpd + php_fpm (default since Fedora 27) nginx + php-fpm Some packaged applications also works using these 3 default configurations. Remi. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
