After upgrading ISPConfig : website create with wrong owner and group

Discussion in 'General' started by da_sys, Dec 2, 2013.

  1. da_sys

    da_sys New Member


    Sorry for my poor english.

    I update ISPConfig from to All working fine except one thing :

    When i create a new website the folder webXX (example: web44) is create with wrong owner (root) et group (root) instead of owner (webXX - example: web44) and group (clientXX - example: web121).

    So i can't upload file on web44 now :(

    I tried to connect in ssh with root login to modify owner et group with chown command : "Operation not permitted" :(

    What is wrong ?

    Where can i modify default owner and group configuration in ISPConfig ?

    Sorry for my questions, i'm totally newbie on ISPConfig

    Thank you

    Best regards
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats all correct and as it should be. You have to upload files to the "web" folder of the website, not to the website root dir. The web folder is owned by the web user and client group of the website. If you want to store files that shall not be accessible by http, then they can be uploaded to the private directory.

    As a sidenote, the folder permission scheme has been changed with, so it was like this already on
  3. da_sys

    da_sys New Member

    Ok but our CMS must install files and folders in parent on web folder

    Hello Till,

    Thank you so much for your answer.

    In understand, but our CMS must install some files and folders in parent of web folder like configurations and core files/folder to work.

    How can i update this files and folders to "root" website (note "/web" but "/") ?

    PS : i'm trying to create a "Protected Folders" with path "/" and "Protected Folder Users" but i can't login (530 login incorrect)

    Thank you.

    Best regards
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You can remove the folder protection with e.g.:

    chattr -i /var/www/clients/client1/web1

    so you can upload files there with root. But I recommend to activate it again when you are finished with the installation by running:

    chattr +i /var/www/clients/client1/web1

    You can also deactivate the protection mechanism permanently under System > Server config > web.

    We had to change the folder permissions for security reasons, so it was not our intention to annoy admins, it was simply nescessary.
  5. da_sys

    da_sys New Member

    Another website stop to working now

    Thank you Till,

    Unfortunately, another website with the same CMS stopped to work after update. Here is error message :

    So we're going to desactive the protection mechanism permenently.

    You said :
    You can also deactivate the protection mechanism permanently under System > Server config > web.

    Please, could you tell me the tabs and the parameter(s) to change ?

    Thank you for all.

    Best regards
    Last edited: Dec 2, 2013
  6. da_sys

    da_sys New Member

    Here is the "fix"

    Here is a "fix" to access parent folders of "web" directory (and keep "hig"h level of security in system configuration) :

    Just add path dir to allow in "open_basedir PHP" for each website. Sorry my ISP config is in french :

    "Sites" tab > Websites > "Options" tab > input "open_basedir"

    For example to add "core" folder, juste add :

    client and web must the same number of other directives.

    Best regards

Share This Page