Apache security for multi-user development web server.
Posted
by mrmartinblue
on Server Fault
See other posts from Server Fault
or by mrmartinblue
Published on 2010-03-23T15:39:40Z
Indexed on
2010/03/25
5:33 UTC
Read the original article
Hit count: 339
I've been searching and reading through documents all morning and understand that I need to use some combination of chown and probably 'jailing' to securely give programmers access to directories on my centos webserver.
Here's the situation: I have an apache web server that has any number of virtual sites located in /var/www/site1 /var/www/site2 etc..
I have different developers that need full access both ssh and vsFTP to only the site they are working on. What is the best way to create and maintain security in this scenario. My thought would be to create a new user for each coder, jail that user to the website directory they are allowed to work in, add their user to a group and set the webroot's owner to that group.
Any thoughts? Good, bad, ugly? Thanks!
© Server Fault or respective owner