I don't know if somebody can help me, but i have a dedicated server on linux and the problem is only the 777 rule accepts uploads or write.
if the path of my site is /var/www/ffolder/data/www/mysite.com how i can enable the rule 755 for uploads and write?
best regards!
Just make sure that the owner of /var/www/ffolder/data/www/mysite.com are the same you use to try the upload.
If the upload is made by some script ran by Apache or nginx, the user owning the directory must be the same user used to start the webserver.
Related
I'm new to WHM, cPanel, and CentOS.
I install WHM then create an account for domain app.example.com and user peter
I point the domain name to right IP address but when I run my website app.example.com I got HTTP ERROR 500
Via SSH I log into the server and I find my previous uploaded code into
/home/peter/public_html
Then I run command sudo chown -R peter:peter /home/peter/public_html
and when I look at folders permission and owner they looks like:
I think my HTTP ERROR 500 is about user permission.
Can please help me to add right privileges to a user or what I need to do to my public_html folder be visible to the world (at browser).
What I need to do?
The best thing to know if it's a permissions problem, a bug in the programming of the web application or to see what really happens, is that you look at the log file of the web server (apache, nginx, the one you use). The log will give you more clues. Could you copy the log output when the error occurs?
It seems some required extensions were not activate or had been removed from your VPS. You should check and install/activate them. Then you can test your website again.
P.S: Sorry for my bad english
My hosting provider refuses to give access to my shared hosting plan via SSH.
The problem is that i want to set the permissions for ALL folders to 755 and ALL files to 644 but i have no idea how to apply the changes to all files&folders via FTP connection.
My guess is to use cron job, but could not find out how to do that.
Please advise
Have you tried using shell_exec via php?
http://php.net/manual/en/function.shell-exec.php
Check first if shell_exec function is enabled in your web hosting.
An alternative can be looking for an option in your ftp client.
Our server is running under CentOS 6 and handled over Panel Plesk 10.4.4. Structure of folders and files is created using php script. Then, when accessing through FTP we are unable to modify these folder contents previously created. When accessing it over Apache web user works without exception but not over ftp. Folders and files have 755 and 644 rights respectively. How to enable ftp acces? Thank you
EDIT: problem is that file owner and ftp are not the same but I do not know exactly how and where to attach it.
File and folders owner is psacln (gid 502) and group is apache (gid 503). Ftp users are not the same.
We add a login ftp user (also system one) to the group owner of files and folders "psacln" using usermod -a -G psacln ftpusername. Same procedure with apache group but problem persists.
The problem here would be that you probably run your site in mod_php mode. In this mode scripts are operated under Apache privileges, so all files and directories created are owned by Apache. This way the files cannot be accessed by your FTP user unless you set up 777 or 666 permissions.
I think your options could be
switch to FastCGI mode of PHP. Depending on your Plesk account privileges, you can either do it yourself in Plesk UI or will have to ask hosting provider for that.
This way your script will be operated under user privileges (same as FTP user) and there will be no problems with accessing these files through FTP. Also this option is often considered more secure.
make PHP script setting 777 permissions on your folders and 666 permissions on your files. It means you allow to modify them by everyone (so called "others"). So FTP user can modify these files as well. While this may sound insecure, but practically these files are already can be accessed from any other site on that system (if it is shared hosting server). So I don't think it will be any more insecure than the current status.
Regards
I'm running apache and my php site uploads images to the server. should apache upload dir have 777 permissions or belong to www-data user? How would this affect backing things up?
I think read + write permission is enough. read for backup, write for upload. It seems that no one ever need to execute anything.
And you should only grant permissions to who really need them. For example, grant write permission to www-data. And if you use another-user to do back up, only grant read permission to another-user.
You'd better avoid using 777
That depends on what you need from it. You should always use the most restrictive permissions that will let you do what you need.
Read the man page for chmod(1) to learn what the various permission bits mean. And maybe provide some more detail about your situation, so someone can provide a specific answer for you.
First and foremost the apache server needs to run as a non-privileged user. Second the upload directory should only need 600 as the permission (rw) iirc. This will allow the user that is running apache to write to that directory. The practical attack against a web server is to trick it into writing to a directory and having it execute the code that is placed there.
Ok. Im little bit confused about those permissions in linux so please people help me out. The trouble is that I dont want to run server as root, so I created another user with sudo privileges so he runs the nginx and php-fpm servers (example "sudo_user"). But the trouble is for example I have "some_user" and he has a directory of his web-site "some_user/www.some_user.com" with all the configuration files, including database passwords and so on. I set ownership of all files to some_user:some_user (user:group) and changed permissions to all files 751 (u=rwx,g=rx,o=x so other accounts cant just go in this dir and read every config file) and set to public files permission 755. But my php-fpm runs with "sudo_user" with a group "sudo_user" he don't have a permission to write or read config files in "some_user" directory. What strategy should I take?
Its probably better to create an nginx user and nginx group, and have nginx/php run under that user. Then you can add the user nginx to your some_user/sudo_user's groups with your 751 permissions and you should be set.