You are not logged in.

Pages: 1

#1 2008-01-22 06:43:34

Ilya
Member
From: Russia, Saint-Petersburg
Registered: 2007-08-16
Posts: 98

Apache virtual host setup

I want to setup some name-based virtual hosts with minimum changes in httpd.conf.

a) I want to keep default server with default configuration.
b) I want to place site directories inside my home direcory:
/home/username/projects/site1
/home/username/projects/site2
c) Also i want to keep permissions to my home directory /home/username as RWX --- --- (700)

Is it possible and safe?

Maybe it's better to place site1 and site2 to /home/httpd or /home/httpd/html? What permissions i must set to this directories? PHP should have an ability to write to this directories.

Offline

#2 2008-01-22 23:09:58

snowbear
Member
From: Prague, Czech Republic
Registered: 2007-02-02
Posts: 11

Re: Apache virtual host setup

Strict 700 permission is a problem because apache runs under nobody account by default thus it is unable to access your home directory. So, if you don't want to "compromise" your home directory, you would place vhost base dirs somewhere else (i. e. /srv/www) and use right permission settings.

Generally vhosts setup is quite simple:
-in /etc/httpd/conf/httpd.conf uncomment this line

#Include /etc/httpd/conf/extra/httpd-vhosts.conf

-edit /etc/httpd/conf/extra/httpd-vhosts.conf as needed
-restart apache

Offline

#3 2008-01-27 05:52:20

Ilya
Member
From: Russia, Saint-Petersburg
Registered: 2007-08-16
Posts: 98

Re: Apache virtual host setup

Please, check my config: Apache + PHP as module. There are some questions below.

httpd-vhosts.conf

NameVirtualHost *
<VirtualHost *>
    ServerAdmin admin@server
    DocumentRoot "/home/www/site1_root"
    ServerName site1
    ErrorLog "/home/www/site1_root-error_log"
    CustomLog "/home/www/site1_root-access_log" common
    <Directory /home/www/site1_root>
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
...

directory permissions
/home/www/  root:apacheusers  770 - only apacheusers can manage sites
/home/www/site1_root/  user1:nobody  770 - user1 can manage his files, Apache (as group nobody) can read files, write permission for PHP (to create files)
/home/www/site2_root/  user2:nobody  770 - the same for user2

1) How do you think, is it safe configuration?
2) Also i have trouble: PHP creates files with permissions nobody:nobody 644. User1 and user2 can't manage that files properly... How to fix it?

Last edited by Ilya (2008-01-27 06:52:13)

Offline

Pages: 1

Board footer

Powered by FluxBB