Best practices to configure multiple websites managed by multiple users on Apache

Lord Pou

4/19/24, 9:43 AM

I am setting up a RedHat server with an Apache service to host multiple Wordpress websites. We work with a few different companies which develop those websites.

I'm having trouble with the access rights management. At this point, I started doing something like this : /var/www/company1/website1

/var/www/company1/website2

/var/www/company2/website1

/var/www/company2/website2

And I created users company1 and company2.

Ideally, I want company1 to only be able to edit the subfolder in 'company1', and same thing for company2. But I also need the apache user to have wxr rights on every folder.

I tried to setup chown as in 'company1:apache' for the folders in /var/www/company1, and 'company2:apache' for the folders in /var/www/company2, but by doing that company1 can also access company2 folders, and vice versa.

Would a chown as in 'apache:company1' et 'apache:company2' solve this issue and is it the best way to handle this ?

Users have a SSH access to the web server and should be able to copy their files in /var/www/companyX.

0 + 3

httpd

apache-2.4

djdomi

4/19/24, 6:03 PM

did you already jailed and chroot'ed the users into there directorys?

Lord Pou

4/20/24, 7:43 AM

@djdomi No I didn't, I just created the users and haven't communicated them yet. At this point, their home directory is still the /home/companyX

ezra-s

4/20/24, 7:38 PM

if you set directory permissions for each company with 750 permission and company1:apache ownserhsip, and each company user does not belong to group apache they should not be able to access each others data.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Best practices to configure multiple websites managed by multiple users on Apache

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.