[CentOS] chmod / chown settings on /var/www/html

gjgowey at tmo.blackberry.net gjgowey at tmo.blackberry.net
Sun Sep 23 17:35:09 UTC 2007


I can't answer all your questions, but I can answer a little. 

Ideally your should have everything from the html dir on down owned by root (or the account of whoever is going to be maintaining the html pages), but with a group of www.

The permissions for everything should have the group and others lacking write permission to anything (even if you're using a db).  There's no reason apache or anything else needs write permission to those directories unless you're planning to use webdav for publishing your pages.
 
Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: "Rogelio Bastardo" <scubacuda at gmail.com>

Date: Sun, 23 Sep 2007 10:13:46 
To:"CentOS mailing list" <centos at centos.org>
Subject: [CentOS] chmod / chown settings on /var/www/html


I'm setting up a new CentOS 4.4 server to work with Fruity (a frontend program that operates Nagios). For security purposes, what chmod and chown settings do you put on the /var/www/html folders? 
  
Also, can anyone recommend any good LAMP hardening guides? While I'm not planning on putting this into production, I'd like to cover all my bases before that's an issue. _______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos



More information about the CentOS mailing list