[CentOS] how to make centos safty(php+mysql)

Mon Feb 28 19:21:20 UTC 2011
John R Pierce <pierce at hogranch.com>

On 02/28/11 7:51 AM, Yang Yang wrote:
> hi,every
>
> i have a php project and use centos to go
>
> and how to make folder's privilage and make it saft
>
> like: /home/htdocs/test
>
> chown -R www:www /home/htdocs/test
>

bad idea, the webserver should NOT own or have write access to web files.


> chmod -R 644 /home/htdocs/test

as someone else said, directories need 'execute' privilege (which really 
means permission to list the dir).  also, the webserver needs +r access 
to any directory above the http directory.

     chmod o+r /home/htdocs


I'm curious, is htdocs a user account?   putting web pages in a non 
standard place like this will trip up selinux bigtime.   the standard 
http directory on CentOS is /var/www/html/   ...   I generally put 
application websites other than the system default site in 
/home/(owner-of-application)/public_html  but this also requires some 
tinkering with selinux, and of course, a file in /etc/httpd/conf.d with 
the virtual host specifications