Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 25th March 2006, 23:18
madcat87 madcat87 is offline
Junior Member
 
Join Date: Mar 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default Apache Virtual Hosting and SSH

Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.

And another question: How can i disable and/or Enable php only for particular users ?

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 26th March 2006, 00:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,763
Thanks: 821
Thanked 5,331 Times in 4,183 Posts
Default

Quote:
Originally Posted by madcat87
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.
You must either use php as cgi with suexec or you use suphp.

Code:
And another question: How can i disable and/or Enable php only for particular users ?
Disable PHP globally in your apache configuration and enable it in each vhost.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 26th March 2006, 04:05
madcat87 madcat87 is offline
Junior Member
 
Join Date: Mar 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks a lot
Reply With Quote
  #4  
Old 31st August 2010, 08:25
OmeOme OmeOme is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by madcat87 View Post
Hello.I have the following setup:

Apache Web server Configured to use ~user dirs.User accounts with homedirs at /home/* and webroot at /home/*/public_html/ for every user(users can access their web content with http://domain.com/~username) ,every user can access his homedir with ssh.The problem here is that every user can read the homedir of the other user and eventually read some private .php files.The other problem is that the .php files in /home/*/public_html/ are executed with the User Apache is running as ,so if a user sets his home dir with 700 permitions the apache process can`t reach the files at /home/*/public_html/. I don`t see a point from chrooted ssh becouse users will still can see foreign user homedirs.

And another question: How can i disable and/or Enable php only for particular users ?

Thanks
I want to do the same settings with ISPConfig - what have I do? Thanks in advance.
Reply With Quote
  #5  
Old 31st August 2010, 08:42
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,763
Thanks: 821
Thanked 5,331 Times in 4,183 Posts
Default

In ISPConfig 3, you just create a new website for every user. Every website runs then under its own permissions and a shell user can not access files from another website.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 31st August 2010, 11:58
OmeOme OmeOme is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
In ISPConfig 3, you just create a new website for every user. Every website runs then under its own permissions and a shell user can not access files from another website.
OK, I added website domain.com - how can I access it through IP, e.g. 111.111.111.111/path ?
Reply With Quote
  #7  
Old 31st August 2010, 12:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,763
Thanks: 821
Thanked 5,331 Times in 4,183 Posts
Default

Websites are always accessed by domain name and not IP address. If you have not registered the domain name yet, then edit the hosts file on your workstation.

http://www.faqforge.com/linux/contro...-a-dns-record/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 31st August 2010, 12:20
OmeOme OmeOme is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Quote:
Originally Posted by till View Post
Websites are always accessed by domain name and not IP address. If you have not registered the domain name yet, then edit the hosts file on your workstation.

http://www.faqforge.com/linux/contro...-a-dns-record/
Thank you for the answer!

But why it that so? I used to have hosting with cPanel, and I could access my page through IP, when there was some DNS errors.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 23:01.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.