Comments on Running Vhosts Under Separate UIDs/GIDs With Apache2 mpm-itk On Debian Etch

Running Vhosts Under Separate UIDs/GIDs With Apache2 mpm-itk On Debian Etch This article explains how you can install and configure apache2-mpm-itk on a Debian Etch server. apache2-mpm-itk is an MPM (Multi-Processing Module) for the Apache 2 web server. mpm-itk allows you to run each of your vhost under a separate UID and GID - in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts. mpm-itk works with mod_php because mpm-itk is based on the traditional prefork MPM, which means it's non-threaded. This means you don't need to use suExec or suPHP anymore to run a website's PHP scripts as a separate user.

6 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By:
Reply  

Are there any plans to include this in ISPconfig ?

 Best regards

 Allan Jacobsen

By:
Reply  

It has been done in ISPconfig 3.

Also, this howto should also work for Debian GNU/Linux Lenny.

By: Nikolay Ulyanitsky
Reply  
By: KEMBL
Reply  

Thank you, but IfModule mpm_itk_module - is a bad idea, one perfect day mpm_itk_module will gone and apache start to work with default credentials :)

By: Greg
Reply  

Great, though I'd suggest indenting these lines:

<IfModule mpm_itk_module> AssignUserId web1_admin web1 </IfModule>

..so that they appear to be within the <VirtualHost> block,as I believe that is important to convey these settings should onlyaffect this virtualhost, and not others.

By: till
Reply  

The indention of the lines does not matter in Apache config files (unlike e.g. .yml files of other software packages, where indention matters). For Apache it only matters that the lines are before the closing </VirtualHost> line, which is the case here.