View Single Post
Old 29th August 2006, 07:33
Dave Lane Dave Lane is offline
Junior Member
Join Date: Mar 2006
Location: Christchurch, New Zealand
Posts: 9
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via ICQ to Dave Lane
Default Hardening ISPConfig

Hi Till and Falko,

We're very happy with ISPConfig, and would like to thank you guys for making it available to us! At this point, we are keen to "harden" our servers running ISPConfig and would like to do, as Norman suggests, a chmod 750 on /home/www/* to prevent other clients (and their users) from accessing any other client directory...

As Norman points out, however, this breaks access for Apache (running as user www-data on our Ubuntu system). We notice that any new web?? group automatically includes the admispconfig user - how could we also automatically include the user www-data? We've grepped the ISPConfig code looking for hints, but haven't found the right place... Any suggestions would be greatly appreciated.

Kind regards,

Reply With Quote