Hi. I was wondering if there is a way to setup ISPConfig so that it would not create new web folders with the a default owner permission of the apache user. We are running a virtual host server with many mod_php scripts and feel that it is more secure to set all folders owners to a dummy user so that scripting exploits will not allow overwriting of existing content. We are aware of suphp but that is not a practical solution for us right now. regards, Eugene Coetzee
SuPHP, PHP as CGI with suexec or PHP as fcgi are the only soulutions to run PHP scripts under a user that is not identical with apache user.
There is usually a big penalty in performance running either per/php in CGI mode. suphp doesn't run on latest Apache. The original question was not about running php/perl under a different user though - it was about changing the defualt permission used by ISP Config to create new web folders. Eugene Coetzee
Create a site admin user for each site, then the folders will be owned by the site admin instead of the Apache user. If this isn't what you're lokking for, you'd have to edit /root/ispconfig/scripts/lib/config.lib.php.
