You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Lars Nielsen <la...@mit-web.dk> on 2011/06/13 13:49:28 UTC
[users@httpd] seperate logins?
Hi
I am running my own server on debian lenny with apache and php. Now I
have several websites that only I are going to update. Is it fine to run
those under the same userlogin and use virtualhosts or should I create a
separate user for each website?
Is it posible to maintain a secure server using a single user with
several websites?
Regards Lars
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] seperate logins?
Posted by Yehuda Katz <ye...@ymkatz.net>.
On Mon, Jun 13, 2011 at 7:49 AM, Lars Nielsen <la...@mit-web.dk> wrote:
> Hi
> I am running my own server on debian lenny with apache and php. Now I
> have several websites that only I are going to update. Is it fine to run
> those under the same userlogin and use virtualhosts or should I create a
> separate user for each website?
> Is it posible to maintain a secure server using a single user with
> several websites?
>
As long as you trust your own code, your ftp/ssh password security and the
security of your connection method (i.e. don't use ftp), you should be fine.
If you use ANY code or library written by someone else, you need to be
worried about its security and you might not want to run all the sites as
the same user.
That said, unless you plan on running a separate instance of apache on its
own IP for each website, you will need to use virtual hosting.
I use the ITK MPM, but this page gives you a nice list of options:
http://wiki.apache.org/httpd/PrivilegeSeparation
- Y