Public html directories for users
~
On shared servers users can be given public web folders often represented in the url as http://domain.nl/~username
The following recipe will be explain how do it in a safe way.
The recipe will use apache2 webserver, (TODO) ngnix config should be added
webserver configuration
apache2
Become su:
sudo su -
Create an userdir apache configuration with
Edit: nano /etc/apache2/mods-available/userdir.conf
Add to it:
<IfModule mod_userdir.c>
UserDir public_html
UserDir disabled root
<Directory /home/*/public_html>
AllowOverride All
Options MultiViews Indexes SymLinksIfOwnerMatch
<Limit GET POST OPTIONS>
Require all granted
</Limit>
<LimitExcept GET POST OPTIONS>
Require all denied
</LimitExcept>
</Directory>
</IfModule>
Restart apache
systemctl restart apache2
Check all looks good (green):
systemctl status apache2
Nginx
TODO
user public_html dir
Each user should have inside her home folder a dir called public_html
, which can be done by a user with sudo powers.
Become super user (su)
sudo su -
Create a public_html dir for each user making the user both owner and group
for u in `ls /home`; do mkdir /home/$u/public_html; chown $u:$u /home/$u/public_html; done
==
#!/bin/sh
# make a new group
groupadd publicweb
# add apache www-data group to it
usermod -a -G publicweb www-data
# for each user in /home
for u in `ls /home`;
do
echo $u
# add user to publicweb group
usermod -a -G publicweb $u
# change group of user dir to publicweb
chown $u:publicweb /home/$u
# give permissions rwxr-x--x others need to be x for apache transversing
chmod 751 /home/$u
# just allow read permission and traversal for the group, no write to public_html dir
chmod 750 /home/$u/public_html
# make the files created under public_html belong to publicweb group
chmod g+s /home/$u/public_html
# make group of public_html publicweb
chgrp publicweb /home/$u/public_html
done