Results 1 to 3 of 3

Thread: [apache2] - run virtual hosts with different users

  1. #1
    Join Date
    Sep 2015
    Location
    Italia
    Beans
    91
    Distro
    Ubuntu 16.04 Xenial Xerus

    [apache2] - run virtual hosts with different users

    Dear users,

    I have some virtual hosts configured in my VPS, but they are running under the same user, www-data, and this involves some security problems.

    I thought to run each virtual host with a different user, so a website under a vh can't damage the others.

    I tried to set this in vh1.conf:
    Code:
    User vh1
    Group vhosts
    And I also created vh1 user in ubuntu.

    But when I call phpinfo() I see in each virtual host that the user is www-data.

    How can I fix this issue?

    Thanks

  2. #2
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    13,188
    Distro
    Kubuntu Development Release

    Re: [apache2] - run virtual hosts with different users

    You can't do this unless the virtual hosts listen on ports other than 80. Then you could run separate instances of apache for each port running as different users.

    The better question is why having www-data be the only user is a security problem. The www-data user should have extremely limited write privileges or no write privileges at all. Users could have www-data as their group with 750 permissions, but only the users themselves should be able to write into the directories under the DocumentRoot.

    My virtual hosts have a DocumentRoot that points to a directory under the user's home with group www-data and 750 permissions.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  3. #3
    Join Date
    Sep 2015
    Location
    Italia
    Beans
    91
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: [apache2] - run virtual hosts with different users

    So what you advice me?
    And what shared hosting companies do on their servers?

    Thanks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •