0

I'm having a little trouble understanding the recommendation to setup a separate user for the file permissions of www/html folder in apache. See point 5 from this

The recommendation is out of the box Apache sets your html folder to nobody or daemon. But this isn't a good idea!

I have a VM on Google Cloud compute Engine and when uploading files it only lets you do this to your home folder. Then from their with ssh I can move them over to my html folder.

When I do a ls -a on my html folder after the move, it has kept the username for my local machine that I uploaded the files and folders from.

Long story short have I, albeit without knowing, basically adhered to this above recommendation? Or do I need to create a completely new user on the box and assign the html folder to that user?

Dominic Motuka
  • 1,231
karl
  • 101

1 Answers1

2

On Ubuntu (and most distros) Apache already runs as a separate user. Various distros use various users, but Ubuntu uses www-data.

To manage your web server without root see How to avoid using sudo when working in /var/www?

Although the information on that site is helpful, you should always start with the Ubuntu information first wherever possible (IMHO)

https://help.ubuntu.com/lts/serverguide/httpd.html

Panther
  • 102,067
  • thanks for the advice, one thing I've noticed though is the www folder itself user is root, then everything inside it has a different user. Should the www not also be a separate user to root? – karl Nov 08 '17 at 16:59
  • See https://askubuntu.com/questions/46331/how-to-avoid-using-sudo-when-working-in-var-www . Personally I keep everything on my web server owned by root , group www-data and www-data has ro as much as possible. – Panther Nov 08 '17 at 17:02