Ástþór IPIn this tutorial we’ll install the Debian Linux 9 (squeeze), Apache 2 with mpm-itk (to run each web as a isolated user),...
Running Apache2 virtual hosts as different users with mpm-itk
Ástþór IP
Please note! This tutorial is outdated and won’t work on the latest Debian releases. Here’s a detailed tutorial on how to set up LAMP on Debian Linux 9 (Stretch): How to set up a web server (LAMP) on Debian 9 (stretch)
Compatibility
This tutorial has been tested on the following Linux distributions:
Debian Linux 7 (Wheezy)
Debian Linux 6 (Squeeze)
Debian Linux 5 (Lenny)
Last updated:
7th of April 2018
apache2-mpm-itk is an MPM (Multi-Processing Module) for the Apache web server. mpm-itk allows you to run each of your vhost under a separate uid and gid — in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts.
1. Install the apache2-mpm-itk package
apt-get install apache2-mpm-itk
2. Configure user and group for each virtual host by adding the following line somewhere between <VirtualHost *:80>…</VirtualHost>
AssignUserId [user] [group]
Replace [user] and [group] with a username and group name that already exists on the system.
3. Change the owner of the web root
chown [user].[group] [location]
Replace [user] and [group] with the username and group name configured on the virtual host. Replace [location] with the location specified as DocumentRoot for the virtual host, eg. /var/www
4. Make sure the location isn’t accessible by other users (optional)
chmod o= [location]
Replace [location] with the location specified as DocumentRoot for the virtual host, eg. /var/www
5. Restart apache
/etc/init.d/apache restart
Comments
1
-
Posted on
d43m
Do you think it is possible to have Apache access folders and files owned by different users ? I have user 3 different users that don’t have root access, they have their webfolders in /var/www/$USERNAME, and apache should have access to those files without any chmoding and chowining from them …
