HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Apache Virtual Hosting and SSH (http://www.howtoforge.com/forums/showthread.php?t=3340)

madcat87 25th March 2006 23:18

Apache Virtual Hosting and SSH
 
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.

And another question: How can i disable and/or Enable php only for particular users ?

Thanks :)

till 26th March 2006 00:06

Quote:

Originally Posted by madcat87
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.

You must either use php as cgi with suexec or you use suphp.

Code:

And another question: How can i disable and/or Enable php only for particular users ?
Disable PHP globally in your apache configuration and enable it in each vhost.

madcat87 26th March 2006 04:05

Thanks a lot :)

OmeOme 31st August 2010 08:25

Quote:

Originally Posted by madcat87 (Post 20387)
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.

And another question: How can i disable and/or Enable php only for particular users ?

Thanks :)

I want to do the same settings with ISPConfig - what have I do? Thanks in advance.

till 31st August 2010 08:42

In ISPConfig 3, you just create a new website for every user. Every website runs then under its own permissions and a shell user can not access files from another website.

OmeOme 31st August 2010 11:58

Quote:

Originally Posted by till (Post 238044)
In ISPConfig 3, you just create a new website for every user. Every website runs then under its own permissions and a shell user can not access files from another website.

OK, I added website domain.com - how can I access it through IP, e.g. 111.111.111.111/path ?

till 31st August 2010 12:06

Websites are always accessed by domain name and not IP address. If you have not registered the domain name yet, then edit the hosts file on your workstation.

http://www.faqforge.com/linux/contro...-a-dns-record/

OmeOme 31st August 2010 12:20

Quote:

Originally Posted by till (Post 238060)
Websites are always accessed by domain name and not IP address. If you have not registered the domain name yet, then edit the hosts file on your workstation.

http://www.faqforge.com/linux/contro...-a-dns-record/

Thank you for the answer!

But why it that so? I used to have hosting with cPanel, and I could access my page through IP, when there was some DNS errors.


All times are GMT +2. The time now is 20:15.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.