Re: [CentOS] Best way to secure apache web root

30 Nov 2009


      Hey
On Fri, Nov 27, 2009 at 10:46 AM, Stephen Nelson-Smith
stephen@atalanta-systems.com wrote:
...
I have a site running drupal.  The apache user therefore needs to be
able to write certain files (CSS files for example).
I also have a directory under my web root which is a SAN mount, to
which apache must be able to write.
What is the most secure way to implement this?
I am thinking:
chown -R root:apache /var/www/html
chmod -R 0750 /var/www/html
chown apache:apache for where need to write
Is there a better way?
This might be an idea
http://www.faqs.org/docs/securing/chap29sec254.html
and this
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html
of course disabling execution of files in your upload dir is really important.
Cheers Didi
-- 

My www page: www.ribalba.de
Email / Jabber: ribalba@gmail.com
Skype : ribalba

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] Best way to secure apache web root