PDA

View Full Version : Question about web/ folder permissions


gkovacs
17th April 2009, 18:32
I have a problem with self installing php software: generally, PHP runs under the www-data user, but the files uploaded by users are owned by webN.clientN, and writing/directory creation is not enabled for others, so the self-installing scripts (that create files and folders) fail... unless I manually chmod 777 to the web folder, which stinks from far away as a security hole.

Is there a way to setup ISPConfig to:
- have the correct permissions in place so www-data can write/create folders without root intervention
- at the same time not expose the files to all other users on the system?

till
17th April 2009, 22:16
You selected the wrong way of php integration in the site settings. You have to select suphp or php-fcgi + suexec when the php scripts shall be executed under the permissions of the website owner.

gkovacs
17th April 2009, 22:52
Thanks for the insight.

You selected the wrong way of php integration in the site settings. You have to select suphp or php-fcgi + suexec when the php scripts shall be executed under the permissions of the website owner.

Problem is, many of my hosted applications are not compatible with fcgi, therefore I have to use mod_php.

1. Is SuExec compatible with mod_php?
2. Does the SuPHP option work out of the box (only by selecting it) or do I have to install/configure software?
3. Is SuPHP secure by itself, or do I have to turn on SuExec as well?
4. Is there a way to easily modify these existing sites or I can only select PHP mode when creating a new site?

falko
18th April 2009, 15:42
1. Is SuExec compatible with mod_php?mod_php has nothing to do with suExec.

2. Does the SuPHP option work out of the box (only by selecting it)If you set up your server according to our tutorials, then yes. :)
3. Is SuPHP secure by itselfYes.
or do I have to turn on SuExec as well?No.
4. Is there a way to easily modify these existing sites
Yes, you can switch the PHP modes easily in ISPConfig.