[CentOS] Apache and web content permissions

Mon Dec 4 09:31:53 UTC 2017
Nicolas Kovacs <info at microlinux.fr>

Le 03/12/2017 à 23:59, Pete Travis a écrit :
> TL;DR my process is:
> - Make a list of real humans that need to work on the site
> - Assume the web server user should have at least read access on all
> files in the site documentroot, or we'd put them somewhere else.
> - Make a list of directories (uploads, cache, session files, etc) the
> web server must have write access to.
> - Use various permissions utilities to make sure humans and web server
> can do their assigned work and nothing more.

Wow. Thanks *very* much for your detailed answer. I'll work through that
this week.

FYI, I'm the only user with shell access to the server. The user
'microlinux' is my "standard" non-root user on the server. I know I
could also have called him 'nkovacs'.

When hosting Wordpress (or Dolibarr, OwnCloud, ...) I don't expect my
users to do administrative tasks, because that's precisely my job.
They're only expected to *use* this stuff (e. g. write a blog, do their
management, share files over the network, etc.). And no, I don't use
FTP, only SSH (mostly with key authentication).



Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
Tél. : 04 66 63 10 32