[CentOS] Apache and web content permissions
Leon Fauster
leonfauster at googlemail.com
Sat Dec 2 15:28:18 UTC 2017
Am 02.12.2017 um 14:27 schrieb Nicolas Kovacs <info at microlinux.fr>:
>
> Le 02/12/2017 à 14:19, Leon Fauster a écrit :
>> I would build a rpm package of wordpress (everything can be defined
>> there like permissions etc)
>
> The initial question was: WHAT permissions?
The application design should have considered security best practices. I do not known WP but check their sites.
So, following the "need to write" requirement, its a good decision (yours) to allow only the minimum. "Normally"
such space should be outside of the "document root" of the hosting.
> and disabling the automatic update
>> function in wordpress. Build once it can be installed on all (two
>> dozen) webservers automagically (local yum repository) ... externe
>
> That would mean one package per Wordpress, since I don't have only one
> Wordpress installation per server. Not a solution.
All installations should have the same base (normally the latest WP release) - so,
to be clear one package for all. This has nothing to do with different content or
themes.
I other words, if security is your focus then the process is the target of your effort.
Its just my suggestion ...
--
LF
More information about the CentOS
mailing list