You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by David Fowler <da...@hotmail.com> on 2003/01/26 04:43:23 UTC

[users@httpd] Apache 2 & Security

I read in a comment @ php.net that Apache 2 supports running Vhosts under 
different users, is this true?

I run apache and would like to make my file system more secure, i.e making 
it so that files in on users directorys(UserA for example) cannot be altered 
by another users scripts(UserB) (PHP) because the scripts are run under the 
username of the webserver which has access to a & b's files

_________________________________________________________________
MSN Messenger - fast, easy and FREE! http://messenger.msn.co.uk


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Apache 2 & Security

Posted by Daniel Lopez <da...@rawbyte.com>.

On Sun, Jan 26, 2003 at 03:43:23AM +0000, David Fowler wrote:
> I read in a comment @ php.net that Apache 2 supports running Vhosts under 
> different users, is this true?
> 
> I run apache and would like to make my file system more secure, i.e making 
> it so that files in on users directorys(UserA for example) cannot be 
> altered by another users scripts(UserB) (PHP) because the scripts are run 
> under the username of the webserver which has access to a & b's files

The perchild MPM does it, but it is still not production ready
http://httpd.apache.org/docs-2.0/mod/perchild.html

Cheers

Daniel

-- 
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Apache 1.3.x mod_ssl- how to test?

Posted by Jim Sheffer <ji...@blueworld.com>.

yes, a typo.  sorry.
jim


On 30 Jan 2003 13:17:59 -0600, Ben Ricker wrote:
> On Thu, 2003-01-30 at 13:18, Jim Sheffer wrote:
>>  I'm trying to get mod_ssl to work, but to no avail.
>>  I have a valid cert and everyhting seems to be set up correctly, but 
>>  when I add the following and restart, Apache won't start.  It says it 
>>  is starting, but none of the websites are accessable.
>>  
>>  I have the following in my httpd.conf file:
> 
>>  ServerName secure. integrated.net
> 
> I assume the space between 'secure.' and 'integrated.net' is a typo?
> 
> Ben Ricker
> 
> 
> -- 
> Ben Ricker <br...@wellinx.com>
> Wellinx.com
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] SSL all of a sudden is not working...

Posted by Alex Pilson <al...@flagshipinteractive.com>.

Apache 1.3.27 OS X...

I had set up a domain with Mod SSL and it has worked fine for sometime...

Now trying to access via. https://secure..thedomain.com the browser 
does not find it.

Trying http://secure..thedomain.com:443 the browser finds it but I 
get a browser error attempting to load site...

What could have been tripped up? Where should I look? thanks.
-- 
<--------------------------------------------------------------->
     Alex Pilson
     FlagShip Interactive, Inc.
     alex@flagshipinteractive.com
     404.728.4417
     404.642.8225 CELL
<--------------------------------------------------------------->

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Apache 1.3.x mod_ssl- how to test?

Posted by Ben Ricker <br...@wellinx.com>.

On Thu, 2003-01-30 at 13:18, Jim Sheffer wrote:
> I'm trying to get mod_ssl to work, but to no avail.
> I have a valid cert and everyhting seems to be set up correctly, but 
> when I add the following and restart, Apache won't start.  It says it 
> is starting, but none of the websites are accessable.
> 
> I have the following in my httpd.conf file:

> ServerName secure. integrated.net

I assume the space between 'secure.' and 'integrated.net' is a typo?

Ben Ricker


-- 
Ben Ricker <br...@wellinx.com>
Wellinx.com


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Apache 1.3.x mod_ssl- how to test?

Posted by Jim Sheffer <ji...@blueworld.com>.

I'm trying to get mod_ssl to work, but to no avail.
I have a valid cert and everyhting seems to be set up correctly, but 
when I add the following and restart, Apache won't start.  It says it 
is starting, but none of the websites are accessable.

I have the following in my httpd.conf file:

LoadModule ssl_module         libexec/httpd/libssl.so
AddModule mod_ssl.c

<VirtualHost 192.147.175.21>
DocumentRoot /Library/WebServer/Documents/integrated
ServerName secure. integrated.net
CustomLog /Library/WebServer/Documents/integrated/logs/access_log common
SSLEngine on
SSLCACertificateFile /etc/httpd/ca.txt
SSLCertificateFile /etc/httpd/cert/secure_ integrated_net.crt
SSLCertificateKeyFile /etc/httpd/cert/integratedkey.key
</VirtualHost>

Thanks!
Jim

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org