Apache security for multi-user development web server.

Posted by mrmartinblue on Server Fault See other posts from Server Fault or by mrmartinblue
Published on 2010-03-23T15:39:40Z Indexed on 2010/03/25 5:33 UTC
Read the original article Hit count: 335

Filed under:
|
|

I've been searching and reading through documents all morning and understand that I need to use some combination of chown and probably 'jailing' to securely give programmers access to directories on my centos webserver.

Here's the situation: I have an apache web server that has any number of virtual sites located in /var/www/site1 /var/www/site2 etc..

I have different developers that need full access both ssh and vsFTP to only the site they are working on. What is the best way to create and maintain security in this scenario. My thought would be to create a new user for each coder, jail that user to the website directory they are allowed to work in, add their user to a group and set the webroot's owner to that group.

Any thoughts? Good, bad, ugly? Thanks!

© Server Fault or respective owner

Related posts about security

Related posts about linux