Hi Im am having some problems with the configuration of my server (ubuntu server 6.10). I am fairly new with linux and installing webservers. The problem im having is that when my php script saves files uploaded by a user, in the ftp client i cannot do anything (but view) with those files, the owner is www-data while the ftp user is like: web1_username i've looked around the forum and searched on google but havent yet found a good explanaition to solve this problem. When i log in to a webserver provided by a hosting company, i also see the files having different owners, but using the ftp client i can always delete files uploaded by the www-data user. How do i manage that whenever i add a new website (using ispconfig) the ftp users have all rights and can also delete files uploaded by apache(www-data)? Thanks for help! (ps. keep in mind im a noob at this )
You could use suPHP so that files are uploaded as a specific user, not www-data: http://www.howtoforge.com/suphp_debian_etch_ispconfig http://www.howtoforge.com/suphp_debian_ispconfig http://www.howtoforge.com/apache2_suphp_php4_php5
Thanks! i will try that. Still i wonder if it is not possible to make all ftp users member of the www-data group and give all group members full access to the files uploaded by other group members whitin his own web directory (so when user www-data uploads a file, user web1_username can edit/view/delete it (775))
Ok, if it is insecure that is not an option for me. But the users are still jailed in their own directories so in what way is security comprimised by making users member of www-data? Thanks!
A uploaded php or cgi script might get access to all other sites as the php safemode functions can not be considered 100% secure. If the files of every website belong to another user and group and php is run with suphp under the same user and group, its more secure.
So here is what i've done... i followed the tutorials that Falko gave me and was able to install suPhp and ispconfig did what it was supposed to do (it wrote its vhosts file as said in the tutorial). I also installed php5 cgi and in suphp.conf i set the handler like this: Code: x-httpd-php=php:/usr/bin/php5-cgi when i tried to load my php page i got the following error: Code: Caused by SystemException in API_Linux.cpp:427: execve() for program "/usr/bin/php5.cgi" failed: No such file or directory I guess i specified the wrong path to my php5 cgi since i cannot find it at that location (also not by using the shell) i am on ubuntu 6.10. How do i find out where i have to search for the php5-cgi dir? Sorry if this is a stupid question ! thanks for answers!
You see the difference, you entered the filename with a "-" and suphp searches for the file with a "." in the filename. Please check your suphp config file if you set the correct name of the php cgi binary. php5-cgi is a file, not a dir!
I see, im so stupid ... these kind of mistakes usually get me confused for hours. Thanks for the help, i got everything working now thanks to you guys!
