0

I've got a question about Apache, run on an Ubuntu server. By default, my server stores all the web files that Apache serves at /var/www/html, within which I store the webroots of all the domains my server serves (using the <VirtualHost> protocol).

For one of my subdomains, I am trying to set /home/%user&/example.com/htdocs as a webroot, but it doesn't seem to be working. Apache is giving me a 403 error when I do that. I've tried changing ownership of home/%user% (both user and group) to www-data, but it doesn't work! /home/%user%/example.com is a mount --bind of /var/www/html/example.com folder, but the website itself seems to only work when I use /var/www/html/example.com instead of the former.

Any idea as to why? I'm putting the webroot into a user's home directory because I have jailed them to their home directory, since I don't want them to be snooping around the rest of my folders.

P.S. This is not my main question, but I'll appreciate any insight on this too: All the files in /home/%user%/example.com are owned by %user%:%user%, but even though Apache is running with www-data:www-data, it doesn't seem to have any problems reading and running %user%:%user%'s file. Is it because the read permissions of these files are all set to be allowed from all users?

John Doe
  • 231

1 Answers1

1

Can you post the actual config?

This is likely caused by Apache not being configured to serve files out of /home; try a2enmod userdir to enable that set of permissions, and have a look at /etc/apache2/mods-enabled/userdir to see what does it (it'll be a <Directory> block and some allow directives).

If the site are using PHP you may need to edit /etc/apache2/mods-enabled/php*.conf and comment out the line that disables PHP in home directories, too.

/home/%user%/example.com are owned by %user%:%user%, but even though Apache is running with www-data:www-data, it doesn't seem to have any problems reading and running %user%:%user%'s file. Is it because the read permissions of these files are all set to be allowed from all users?

Yes; it's the 'all users' permissions there. Apache reads PHP files rather than executing them, as far as permissions are concerned.

BigRedS
  • 83
  • Hi @BigRedS, thank you for chiming in. I have found an answer to my question here. Couldn't have done it without your answer pointing me in the right direction! – John Doe Sep 12 '18 at 09:04