View Single Post
Old 26th March 2006, 01:06
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

Originally Posted by madcat87
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.
You must either use php as cgi with suexec or you use suphp.

And another question: How can i disable and/or Enable php only for particular users ?
Disable PHP globally in your apache configuration and enable it in each vhost.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote