httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mantasman <mantasman....@gmail.com>
Subject Re: [users@httpd] safe .htaccess permissions
Date Sat, 20 May 2006 22:34:21 GMT
I've solved .htaccess problem by adding www-data user to virtualuser_1
group.

However, i'm having another problem now.
I've disabled global error log. my virtual hosts contain line:
"ErrorLog /full/path/to/error_log"

however, all errors are logged into /etc/apache2/logs/error_log . What's
wrong with my config?


On Sat, 2006-05-20 at 06:14 -0400, Bill Jones wrote:
> On 5/20/06, mantasman <mantasman.net@gmail.com> wrote:
> > hi, i'm setting up a shared www server under debian with apache2.0 . In
> > order to make it secure, i use suExec and all users' files are chmoded
> > to 770. but i must keep .htaccess and passwords files chmoded as 774.
> > otherwise, apache gives forbidden error and logs say:
> >
> > pcfg_openfile: unable to check htaccess file, ensure it is readable
> >
> > is there any ways to have .htaccess chmoded as 770?
> > what user is "pcfg_openfile" running under?
> 
> There is no userid pcfg_openfile -- thats a standard error.  I would
> suggest you change those files to be owned by the sam ID as your WWW
> server; you can see who this is by using:
> 
> lsof -i tcp:80
> 
> chown them that id with root as group then chmod them to 0440  --
> should make them secure enough.  if there is such as thing as secure
> enough.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message