Not sure why, I'm logged in via SSH and did a sudo su so I'm root yet this happens: Is this by design? I was trying to create a folder that can be accessed via FTP, outside of the web folder. Actually the ultimate goal is to have a symlinked directory not a real folder but when the creation of a symlink failed I tried a folder and to my surprise even that didn't work. Any ideas why this is happening?
Hi, this is due to the new security settings in ISPConfig that protect this directory with chattr +i (immutable bit). If you need to create a folder there you can either temporarily disable the protection with Code: chattr -i /var/www/clients/clientX/webY create the folder and enable the protection again with Code: chattr +i /var/www/clients/clientX/webY . Second option is to lower the security settings permanently inside ISPConfig in the System -> Server config -> web.
yes. There is already a folder for that purpose, it is named "private", so no need to create an additional folder.
Thanks you you both for the answers, public doesn't really fit my needs as I'd prefer for the folder to be a symlink but if that doesn't work, I'll use public
What I'M looking to do right now is to create a folder outside of the web folder for an app to safely store its backups accessible by the web server user. Is this possible/feasible? I tried creating a folder inside i.e. /var/www/clients/client1/web60/ and gave the correct permissions then used chattr -i again but the web server still cannot access that folder. I've got a feeling this is intended?
The behaviour is by design and can be changed by setting "Security level" to medium on the server config / web. The "feature" as the bug not to remove the immutable attribute if any. You need to manually chattr -i to remove it (the settings will then persists whatever change you made) If you want to maintain security level to high, you need to chattr -i prior been able to do any change on the www/clients/clientX/webY folder and either chattr +i after you made the change or wait until something get changed on the site definition (ISP does it if security level is high) To make a folder visible as web content, it need to be under web (DOCROOT) regularly or thru symbolic link. You may need on the later to adjust path in the wrapper if you are using fcgid ... Regards
The setting is "web folder protection" and not the security level. security level should never be set to medium on servers that are connected to the internet. This folder exists already, it is named "private". so you dont have to alter any security settings or create folders to store data secrely outside of the docroot.
