Hmmm, perhaps I didn't describe very clearly. To clarify:
I can create users, no problem. But in Ispconfig, it seemed to run each website as it's own unique user. In other words, the server would run with the permissions of client1:user2
With the nginx/php-fcgi setup I have, everything runs as www-data:www-data.
Although I backup every night, if someone access one site, in theory a dodgy script, rather than hacking just the one site, could work it's way round the whole /var/www/ and hack all 4 sites. Yes, they're only small and backed up twice a day so it wouldn't cause massive problems, but I'd like to just eliminate that possibility.
I can just about see how you'd run each SITE as a different user in nginx, but of course it's the php that's writing data to the server. The only thing I can think of is if I run 4 php backends, each on their own port and user.
Just doesn't seem to be the correct way to do things, a bit untidy, and I was wondering if there was a neater way.
|
English | 
Deutsch
nginx + php-fcgi + vsftp = great. But how to have different users?
Linear Mode
Recent comments
18 hours 28 min ago
23 hours 27 min ago
1 day 53 min ago
1 day 1 hour ago
1 day 3 hours ago
1 day 7 hours ago
1 day 8 hours ago
1 day 10 hours ago
2 days 5 min ago
2 days 1 hour ago