Results 1 to 3 of 3

Thread: Post Install LAMP Question

  1. #1
    Join Date
    Feb 2009

    Post Install LAMP Question

    I have setup a LAMP server for me to use. I would like to allow a few people to have access to this server in order to host some of their content. I do not want them to have full access to the box since I have personal content on there and run other services.

    What is the best way to give them limited access?

    Is there a default group that they should be added to in order to limit their access to the AMP portion of the server?

    Do I jail ssh and sftp to /var/www and have them only upload the files that they need?

    What are the best practices for this type of situation?

    I'm used to being the only user on the system, so any insight the community can provide on this would be much appreciated.

  2. #2
    Join Date
    Sep 2011
    Behind you!
    Ubuntu 12.04 Precise Pangolin

    Re: Post Install LAMP Question

    There are probably a ton of ways to accomplish that goal and there are probably some best-practice papers out there too.

    I have not done such a thing but if I were looking to do something like that, I would probably only allow them to upload to a user-specific folder (ftp or sftp) and then have an automated script that will process the folder and move them where they need to go. I would also code in some checks for mischievous files...such as EXE files or virus/trojan files.


  3. #3
    Join Date
    Nov 2008
    Metro Boston
    Kubuntu 14.04 Trusty Tahr

    Re: Post Install LAMP Question

    Create website directories for each user like /home/username/web. Change the permissions on /home/username from 700 to 711 so the Apache "user" www-data can see their sites. For each user, create a separate <VirtualHost> with a unique ServerName like and a DocumentRoot that points to /home/user/web.

    Do you have a registered domain you can use? Itwould certainly make things a lot easier if each site had a unique public name like In the DNS you could just have:

    @     IN SOA (
    www   IN A
    user1 IN CNAME www
    user2 IN CNAME www
    Last edited by SeijiSensei; June 27th, 2012 at 02:53 PM.

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts