It seems client1 able to read other cliient access-log easily by simple php. <?php echo shell_exec('tail /var/www/clients/client2/web2/log/20150615-access.log')."\n"; ?> and read other client's files if the files allowed "others" to read (new file upload default permission is 644) Is it a known issue and any possible fixes?