You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by RYAN vAN GINNEKEN <ma...@computerking.ca> on 2004/08/24 23:09:04 UTC
[users@httpd] apache permission problem please help
SEE ERROR BELOW
Was playing with permissions on my home dirs last night and changed
everything to chmod 700 had some problem with users looking at and
copying other users webpages. I have a directory in each users home dir
named www where they keep there web files ie /usr/home/username/www so
i guess when i changed everything to 700 apache was unable to use these
files.
Now i have tried the best i can to change everything back set to chmod
to 655 and even tried moving a site to /usr/local/www/username in hope
that apache could read it there but no luck what has happened please help.
Wait now things have started to work, for the web site that i moved to
/usr/local/www/username. There seems to be some lag after i make
changes to the permissions and restart apache is this possible.
I have a real mess on my hands now guess i will have to play with
permissions and modes now to get all the sites backup. How do i set up
home directories that are secure for each user ie other users on the
system cannot read them but apache can. Should i move all web pages to
the /usr/local/www dir. Also is there some way to automate this so that
when i create a new user or modify a file things will work correctly.
Have been using UNIX for many years finally got up the courage to play
with modes and perms. Guess i shot myself in the foot like i have been
warned about by many people and docs.
PLEASE HELP
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use
an ErrorDocument to handle the request.
------------------------------------------------------------------------
Apache/2.0.49 (Unix) PHP/4.3.5 mod_ssl/2.0.49 OpenSSL/0.9.7d Server at
v2.computerking.ca Port 80
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] apache permission problem please help
Posted by Laura Vance <va...@winfreeacademy.com>.
Hello Ryan,
Something you might consider is that if you have content that is
published on the web, anyone that can view the content via the web
server has the ability to copy the content. Even if you use server
settings to disable all of the saving, copying, etc so the site cannot
directly be saved to disk, the user can still just look at it and type
it into a text editor.
But here are a couple of suggestions if your only concern is about them
being able to get into each other's home directories without using the
web server.
1. Set all the web content folders and all items inside to the apache
group, then set the chmod to 640. That way only the user and apache can
read the files.
2. In your FTP server program, set all of the user access to a chroot
environment. Within a chrooted environment, they are not able to wander
around outside of their own home directory. In ProFTPD it's a line like
the following:
DefaultRoot /usr/home/[username] [username]
Hope this helps.
RYAN vAN GINNEKEN wrote:
> Was playing with permissions on my home dirs last night and changed
> everything to chmod 700 had some problem with users looking at and
> copying other users webpages. I have a directory in each users home
> dir named www where they keep there web files ie
> /usr/home/username/www so i guess when i changed everything to 700
> apache was unable to use these files.
>
> Now i have tried the best i can to change everything back set to
> chmod to 655 and even tried moving a site to /usr/local/www/username
> in hope that apache could read it there but no luck what has happened
> please help.
--
Thanks,
Laura Vance
Systems Engineer
Winfree Academy Charter Schools, Data-Business Office
6221 Riverside Dr. Suite 110
Irving, Tx 75039
Web: www.winfreeacademy.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] apache permission problem please help
Posted by Nick Kew <ni...@webthing.com>.
On Tue, 24 Aug 2004, RYAN vAN GINNEKEN wrote:
> SEE ERROR BELOW
You forgot it.
> Forbidden
That's not from your error log.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org