[SATLUG] WordPress / Apache problem on Ubuntu
Daniel J. Givens
daniel at rugmonster.org
Wed Jan 19 18:44:13 CST 2011
On 1/19/2011 4:08 PM, Josh Lavin wrote:
> Most servers running PHP do so with some sort of set-user jail, so
> that the PHP pages can be owned by their own user.
Huh? Since when? I've been managing thousands of web servers (literally)
running PHP and that scenario is hardly ever used.
> You should look at
> suPHP, or else have a separate instance of Apache/PHP for your user
> and set the User/Group directives to that user (but let root own
> Apache itself).
If you're setting up a big shared environment, I could see this.
However, running multiple Apache instances would require a separate IP
for each site. If there's no need for SSL, then that is just wasting
precious resources. If you were really wanting to do user separation,
you could use php-cgi under FastCGI, each one running as the respective
user, or use something like httpd-itk.
Either way, I don't want to give my web server any unnecessary write
access because one missed update could turn your box into a spambot,
phishing site, or any other thing. And no, you don't need root
privileges to do that.
> You will find that any other scenario will prevent the WordPress
> automatic update function.
Incorrect. The wordpress auto update uses FTP. That user only needs
write access. Not the user the web server is running as. See my previous
reply on what is generally accepted as the best practice for most
use-cases, at least among my peers.
Sorry to sound flippant.
More information about the SATLUG