httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gare" <g...@wanadoo.es>
Subject Re: [users@httpd] Apache and multiple Virtual Hosts best practices
Date Sat, 20 Nov 2004 10:06:43 GMT
I think it's a better practice to have all the owners under an only account
(not root of course).
You define an account  ( for example principal) and in proftpd you use a
file with users:passwords for the virtual users (you have to configure
proftpd to work so). These  virtuals users have the same uid and gid than
principal, so these users can only access to their folders (their virtual
domains) Now in Apache config file set principal as user group for each
virtual domain.
This method is more secure than use a real account for virtual user. And of
course I recomend you to use suExec, and phpsuExec, and mod_secure, at
least.

Bye


----- Original Message ----- 
From: "Jim Lynch" <jwl@sgi.com>
To: <users@httpd.apache.org>
Sent: Friday, November 19, 2004 4:50 PM
Subject: Re: [users@httpd] Apache and multiple Virtual Hosts best practices


> Eric Wagar wrote:
>
> >I have an Apache web server with a few virtual hosts.  The ftp is handled
by
> >proftpd, and I have multiple users defined.  These users have their own
uid
> >and gid.  The problem comes when Apache is uid apache and need to write
to
> >the said directory.
> >
> >I am wondering what other people have done to deal with this.  Do people
just
> >set all the ftp users uid/gid to the same as the Apache uid/gid on the
> >system?  Obviously this would be an ok solution because apache uid/gid !=
> >root.
> >
> >What are the other ways you guys have dealth with this?
> >
> >Thanks
> >eric
> >
> >
> Check out suEXEC and Apache.  That might be what you're looking for.
>
> Jim.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message