Public html directories for users: Difference between revisions

From XPUB & Lens-Based wiki
No edit summary
Line 8: Line 8:
=webserver configuration=
=webserver configuration=
==apache2 ==
==apache2 ==
Add to /etc/apache2/mods-available/userdir.conf
<source lange="conf">
<IfModule mod_userdir.c>
        UserDir public_html
        UserDir disabled root
    <Directory /home/*/public_html>
          AllowOverride All
          Options MultiViews Indexes SymLinksIfOwnerMatch                                             
          <Limit GET POST OPTIONS>
          Require all granted
          </Limit>
          <LimitExcept GET POST OPTIONS>
          Require all denied
          </LimitExcept>
  </Directory>
</IfModule>
</source>


==Nginx==
==Nginx==

Revision as of 16:52, 23 March 2020

~

On shared servers users can be given public web folders often represented in the url as http://domain.nl/~username

The following recipe will be explain how do it in a safe way.

The recipe will use apache2 webserver, (TODO) ngnix config should be added

webserver configuration

apache2

Add to /etc/apache2/mods-available/userdir.conf

<IfModule mod_userdir.c>
        UserDir public_html
        UserDir disabled root
    <Directory /home/*/public_html>
          AllowOverride All
          Options MultiViews Indexes SymLinksIfOwnerMatch                                              
          <Limit GET POST OPTIONS>
           Require all granted
          </Limit>
          <LimitExcept GET POST OPTIONS>
          Require all denied
          </LimitExcept>
   </Directory>
</IfModule>

Nginx

TODO

user public_html dir

Each user should have inside her home folder a dir called public_html, which can be done by a user with sudo powers.

Become super user (su)

sudo su - 

Create a public_html dir for each user making the user both owner and group

for u in `ls /home`; do mkdir /home/$u/public_html; chown $u:$u /home/$u/public_html; done 


==

#!/bin/sh

# make a new group
groupadd publicweb 
# add apache www-data group to it
usermod -a -G publicweb www-data 

# for each user in /home
for u in `ls /home`; 
do 
        echo $u
        # add user to publicweb group
        usermod -a -G publicweb $u
        # change group of user dir to publicweb
        chown $u:publicweb /home/$u
        # give permissions rwxr-x--x  others need to be x for apache transversing
        chmod 751 /home/$u
        # just allow read permission and traversal for the group, no write to public_html dir
        chmod 750 /home/$u/public_html
        # make the files created under public_html belong to publicweb group         
        chmod g+s /home/$u/public_html
        # make group of public_html publicweb
        chgrp publicweb /home/$u/public_html
done