I'm setting up a new web server on CentOS 7. One of my tasks is securing the server. So I started wtth web root (apache httpd). First by following this tutorial: http://ift.tt/1ki0wBZ
$ sudo chown -R www-data:www-data /var/www
$ chmod go-rwx /var/www
$ chmod go+x /var/www
$ chgrp -R www-data /var/www
$ chmod -R go-rwx /var/www
$ chmod -R g+rx /var/www
$ chmod -R g+rwx /var/www
Then, I created a new group called dev-website and added developers to it. after that I did this: chgrp -R dev-website /var/www so no one out of this group can access root folder. Am I on the right track?
I also have second question. let's say I have a file inside /var/www that should be excitable by MySQL user. Giving that MySQL user is not inside the group. Can I set a special permission to it to execute specific files inside the root folder?
Aucun commentaire:
Enregistrer un commentaire