Apache2 Performance parameters<\/h2>\n
Open file http.conf file as shown under \/etc\/apache2\/ below<\/p>\n
www-data is a user\/group set created specifically for web servers. It should be listed in \/etc\/passwd as a user, and can be configured to run as another user in \/etc\/apache2\/apache2.conf. www-data or daemon :<\/strong> And yes, www-data is system user, created by apache. and that is a grimmy way if listing all valid users.<\/p>\n Method 1<\/strong><\/p>\n then<\/p>\n First command changes owner and group Second command adds s attribute which will keep new files and directories within site1<\/strong> having the same group permissions<\/p>\n Method 2<\/strong> and set permissions to 755 for directories and 644 for files. to change all the files to 644:<\/p>\n Method 3<\/strong><\/p>\n Method 4<\/strong><\/p>\n Test all this by creating a file and directory and verifying the owner, group and permissions with Change file of concerned users (Admins)<\/p>\n \u2026for example \/wp-content\/uploads<\/strong> for WordPress<\/p>\n Now that you have everything installed and configured you\u2019ll need to set up some file permissions to allow Apache to read from, and you to write to, the web directory. This will be accomplished by changing the owner of the web directory, adding the Apache user and your user to this group and setting the guid bit forcing all new files\/folders to have the same group permissions.<\/p>\n In apache you have to create a new file under \u201c\/etc\/apache2\/sites-available\u201d. There you can create a new vhost file. Give them a name you want. Add ip to etc\/hosts file<\/p>\n and copy\/uddate web files to \/var\/www\/<\/p>\n![\"apache1\"](\"http:\/\/www.extradrm.com\/wp-content\/uploads\/2013\/09\/apache1.jpg\")
<\/a><\/p>\n<\/a><\/p>\n<\/pre>\n
\nApache2 Permissions<\/h2>\n
\nBasically, it\u2019s just a user with stripped permissions so if someone managed to find a security hole in one of your web applications they wouldn\u2019t be able to do much. Without a lower-user like www-data set, apache2 would run as root, which would be a Bad Thing\u00ae since it would be able to do anything and everything to your system.<\/p>\n
\nWhat version of ubuntu are you using?
\nhttpd.conf shouldn\u2019t be in use. It should be \/etc\/apache2\/envvars<\/p>\nCode:\r\n# envvars - default environment variables for apache2ctl\r\n\r\n# Since there is no sane way to get the parsed apache2 config in scripts, some\r\n# settings are defined via environment variables and then used in apache2ctl,\r\n# \/etc\/init.d\/apache2, \/etc\/logrotate.d\/apache2, etc.\r\nexport APACHE_RUN_USER=www-data\r\nexport APACHE_RUN_GROUP=www-data\r\nexport APACHE_PID_FILE=\/var\/run\/apache2.pid<\/pre>\n
\nHow are you checking users? are you just issuing \u2018users\u2019 from the command line?
\nIf you are you will only see real users there, not www-data because apache is a daemon running under the user www-data<\/strong>
\nyou can<\/p>\n #cat \/etc\/shadow<\/pre>\n
\nApache2 \/var\/www\/site1 Permissions<\/h2>\n
sudo chown -R yourname:www-data site1<\/pre>\n
sudo chmod -R g+s site1<\/pre>\n
\n
\nIf you are the only developer, why not just make the owner of \/var\/www\/ you?<\/p>\n$ sudo chown -R mike \/var\/www\/<\/pre>\n
\nAfter this you would want to do this to set the right permissions for your files and directories.
\nto change all the directories to 755:<\/p>\nfind \/var\/www -type d -exec chmod 755 {} \\;<\/pre>\nfind \/var\/www -type f -exec chmod 644 {} \\;<\/pre>\n
\nyou@yourbox:~$ sudo -i\r\n[sudo] password for you: [password]\r\nroot@yourbox:~# cd \/var\/www\r\nroot@yourbox: \/var\/www# mkdir site1\r\nroot@yourbox: \/var\/www# chown you:www-data site1\r\nroot@yourbox: \/var\/www# chmod 0750 site1\r\nroot@yourbox: \/var\/www# logout\r\nyou@yourbox:~$ ln -s \/var\/www\/site1 \/home\/you\/site1\r\nyou@yourbox:~$ exit<\/pre>\n
\n\n
groupadd www-pub<\/code>usermod -a -G www-pub usera<\/code> ## must use -a to append to existing group<\/em><\/li>\nusermod -a -G www-pub userb<\/code>groups usera<\/code> ## display groups for user<\/em><\/li>\nchown -R root:www-pub \/var\/www<\/code> ## -R for recursive<\/em><\/li>\nchmod 2775 \/var\/www<\/code> ## 2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including apache www-data user) <\/em>Set group ID (SETGID) bit (2) causes the group (www-pub) to be copied to all new files\/folders created in that folder. Other options are SETUID (4) to copy the user id, and STICKY (1) which I think lets only the owner delete files.There\u2019s a -R recursive option, but that won\u2019t discriminate between files and folders, so you have to use find<\/strong>, like so:<\/li>\nfind \/var\/www -type d -exec chmod 2775 {} +<\/code><\/li>\nfind \/var\/www -type f -exec chmod 0664 {} +<\/code><\/li>\numask<\/code> line at the bottom of \/etc\/profile<\/code> in my case) means files created by one user will be writable by other users in the www-group without needing to chmod<\/code> them.<\/li>\nls -l<\/code><\/strong><\/p>\n
\n\u00a0Create a new user who will be a webmaster<\/h3>\n
sudo adduser <login><\/pre>\n
Create a webadmin group<\/h3>\n
sudo addgroup www-admin<\/pre>\n
Then Add users to the group<\/h3>\n
sudo adduser <login> www-admin<\/pre>\n
Permissions on existing files<\/h3>\n
sudo chown -R root:www-admin \/var\/www\r\nsudo chmod -R 0664 \/var\/www<\/pre>\n
Permissions on existing folders<\/h3>\n
cd \/var\/www\r\nsudo find . -type d -exec chmod 2775 {} \\;<\/pre>\nAdmin web Umask for same site<\/h3>\n
nano \/home\/<login>\/.profile<\/pre>\n
umask 002<\/pre>\n
Special permissions for folders where web server must write :<\/h3>\n
sudo chown -R www-data:www-admin \/var\/www\/wp-content\/uploads\r\nsudo chmod -R 775 \/var\/www\/wp-content\/uploads<\/pre>\n
\nMethod 6 : Set Web Directory User and Permissions<\/h2>\n
Create a new group:<\/h3>\n
$ sudo addgroup webdev<\/pre>\n
Change the group of your web directory:<\/h3>\n
$ sudo chgrp -R webdev \/var\/www\/\r\n$ sudo chmod -R g+rw \/var\/www\/<\/pre>\n
Set the guid bit on all folders in your web directory:<\/h3>\n
$ sudo find \/var\/www -type d -exec chmod +s {} \\;<\/pre>\nAdd Apache to the webdev group:<\/h3>\n
$ sudo usermod -a -G webdev www-data<\/pre>\n
Add your user to the webdev group:<\/h3>\n
$ sudo usermod -a -G webdev <user_name><\/pre>\n
\nUsual WordPress Permissions for LAMP (Ubuntu)<\/h2>\n
find -type d -exec chmod 755 {} \\;\r\nfind -type f -exec chmod 664 {} \\;\r\nchmod 770 -R wp-content\/uploads\r\nchmod 770 -R w-content\/upgrade\r\nchmod 750 wp-content\/plugins<\/pre>\n
\nRunning several name-based web sites on a single IP address<\/h2>\n
\n<\/a><\/p>\n<\/a><\/p>\n