[CentOS] Best way to secure apache web root

Stephen Nelson-Smith stephen at atalanta-systems.com
Fri Nov 27 10:46:32 UTC 2009


I have a site running drupal.  The apache user therefore needs to be
able to write certain files (CSS files for example).

I also have a directory under my web root which is a SAN mount, to
which apache must be able to write.

What is the most secure way to implement this?

I am thinking:

chown -R root:apache /var/www/html
chmod -R 0750 /var/www/html
chown apache:apache for where need to write

Is there a better way?

S.


More information about the CentOS mailing list