On Sat, 2014-01-25 at 08:32 -0500, Steven Tardy wrote: > the problem with your /var/www/html permissions is the user/group "apache" > can write to directories and files. which can be used by anyone on the > internet(bad guys) to use potentially exploitable dynamic > pages(.php/.cgi/etc) to add/modify files on your server. this is a bad > thing. SELinux may offer some protections. > i would: > chmod -R g-w /var/www/html > chown -R somewebuser /var/www/html > (replace somewebuser with the unix user account to modify the website.) > > http://wiki.apache.org/httpd/FileSystemPermissions On my setup I have all web pages in a special root directory /data/web/do/domain-name/sub-domain-name/files ..... with a non-standard user having rw-r-r Apache can't write to anything except /data/web/logs/ I have self-created web site defences which, instantly after the first hacking attempt, block the hacker's IP address. I am not giving hackers unlimited opportunities to continuing trying to break-in. -- Paul. England, EU. Our systems are exclusively Linux. No Micro$oft Windoze here.