1/13/2023 0 Comments Permissions for php file secureThis is the only proper model, functionality, and security-wise. If you simply stick to this permissions model, you will not encounter any chmod / chown issues in the future. In octal notation, this results in 0750 chmod for all directories and 0640 for all files. All other users cannot read or write anything.Website group (webserver user) can read all files and traverse all directories, but not write.Website user ( example) can read, write all files, and read all directories.The following general chmod setup will allow for any website to function properly: chmod -R u=rwX,g=rX,o= /path/to/website/files Here is a simple rule: all the files should be owned by the website user and the website user’s group: chown -R example:example /path/to/website/files This reads as: add nginx user to group example. This will allow us to control what NGINX can read or not, via group chmod permission bit. We must connect things up so that NGINX (webserver) user can read files that belong to the website user’s group. So the configuration is straightforward and translates to the following directives in /etc/nginx/nf: user nginx This is the “global” webserver user that is used for all websites. NGINX must run with it own unprivileged user, which is nginx (RHEL-based systems) or www-data (Debian-based systems). etc/php-fpm.d/, you must set things to match with the created username: listen = /var/run/php-fpm/ Now, set its password by running: passwd exampleĮach website in PHP-FPM should be run under a separate pool. magento for a Magento website or example for website. The username should reflect either the domain name of the website that it “runs”, or the type of corresponding CMS, e.g.This is wrong and will lead to more trouble! ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |