[CentOS] Running Apache sites as separate users

Fri Sep 30 01:31:50 UTC 2011
John R Pierce <pierce at hogranch.com>

On 09/29/11 6:22 PM, Trey Dockendorf wrote:
> I had a recent request to improve security on my web servers by having each
> website use a different user to run the hosting service.  So
> example1.comhas it's own Apache instance running as apache1 and then
> example2.com has its own instance of Apache as apache2.  Is this even
> possible or realistic?  I understand the idea of how that would be secure,
> much like creating a virtual machine to segregate services.  The only way I
> can think how this is done is to chroot each website.  What makes this
> request even stranger is that each website will be managed by the same CMS
> and code base.  So with that being the case, I don't see how this is
> possible.  Any ideas or insight are very welcome.

afaik, its only possible to use multiple instances of apache if you have 
multiple IP addresses, each one bound to a different address, or use 
different ports for each site (which would require specifying the :port 
as part of the URL)

I'd strongly question the rationale behind this request.  sounds like 
half-thinking to me.



-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast