Public html directories for users

From Media Design: Networked & Lens-Based wiki
Jump to navigation Jump to search


On shared servers users can be given public web folders often represented in the url as

The following recipe will be explain how do it in a safe way.

The recipe will use apache2 webserver, (TODO) ngnix config should be added

More on ~:

webserver configuration


Become su:

sudo su - 

Create an userdir apache configuration with

Edit: nano /etc/apache2/mods-available/userdir.conf

Add to it:

<IfModule mod_userdir.c>
        UserDir public_html
        UserDir disabled root
    <Directory /home/*/public_html>
          AllowOverride All
          Options MultiViews Indexes SymLinksIfOwnerMatch                                              
          <Limit GET POST OPTIONS>
           Require all granted
          <LimitExcept GET POST OPTIONS>
          Require all denied

Restart apache

systemctl restart apache2

Check all looks good (green):

systemctl status apache2



user public_html dir

Each user should have inside her home folder a dir called public_html, which can be done by a user with sudo powers.

Become super user (su)

sudo su - 

Create a public_html dir for each user making the user both owner and group

for u in `ls /home`; do mkdir /home/$u/public_html; chown $u:$u /home/$u/public_html; done 

create group and change permissions

kudos to gnd for helping with this.

If you are no longer su, become su again :)

sudo -u

create script:

nano /root/

Add this sh script to it:


# make a new group
groupadd publicweb 
# add apache www-data group to it
usermod -a -G publicweb www-data 

# for each user in /home
for u in `ls /home`; 
        echo $u
        # add user to publicweb group
        usermod -a -G publicweb $u
        # change group of user dir to publicweb
        chown $u:publicweb /home/$u
        # give permissions rwxr-x--x  others need to be x for apache transversing
        chmod 751 /home/$u
        # just allow read permission and traversal for the group, no write to public_html dir
        chmod 750 /home/$u/public_html
        # make the files created under public_html belong to publicweb group         
        chmod g+s /home/$u/public_html
        # make group of public_html publicweb
        chgrp publicweb /home/$u/public_html

Make the script executable:

chmod +x /root/

Run it:


Test it:

ls -l /home/

user dirs should have the following groups and permissions:

drwxr-x--x  8 username            publicweb 4096 Mar 22 18:40 username

ls -l /home/*

users' public_html dirs should have the following groups and permissions:

drwxr-s--- 2 username publicweb 4096 Mar 23 15:24 public_html