I am working on a LEMP stack running WordPress for multiple users, and I am not sure whether everything is secure. The server will have multiple users, and I want to prevent them from accessing other users' files and data. Is there anything else I need to take into account?
OS
Ubuntu 22.04.1 LTS
Linux 5.15.0-1028-aws
Nginx config site 1
# http to https redirect: plain-HTTP requests for this hostname get a permanent (301) redirect to the HTTPS site
server {
listen 80;
server_name site1.xxx.mobi;
# The redirect target uses the fixed hostname, not the client-supplied Host header,
# so the Location header cannot be steered to another host by the request.
return 301 https://site1.xxx.mobi$request_uri;
}
# HTTPS virtual host for site1: serves static files from the site's public_html
# and hands *.php requests to the site's own PHP-FPM pool socket.
# NOTE(review): no ssl_protocols, ssl_ciphers or Strict-Transport-Security header is set
# in this block; they may be inherited from the http context — confirm.
server {
listen 443 ssl http2;
server_name site1.xxx.mobi;
ssl_certificate /etc/letsencrypt/live/site1.xxx.mobi/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site1.xxx.mobi/privkey.pem;
# Largest request body (e.g. an upload) nginx will accept for this site.
client_max_body_size 100M;
# Everything under this directory is reachable over the web unless a location denies it.
# NOTE(review): the directory listing on this page shows .quarantine, .tmb, latest.zip and
# readme.html inside this root, and no location here blocks dot-directories or archives.
root /var/www/site1.xxx.mobi/public_html;
index index.php index.html index.htm;
#root
# Serve the file or directory if it exists, otherwise fall back to WordPress's
# front controller (index.php) with the original query string.
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Any URI ending in .php is executed by PHP-FPM.
# NOTE(review): this applies to every directory under root, including writable ones
# (e.g. an uploads directory under wp-content); consider a location that denies PHP there.
location ~ \.php$ {
# Return 404 when the requested .php file does not exist under root, so nginx never
# asks PHP-FPM to run a script path that is not a real file.
try_files $uri =404;
# Per-site unix socket; it must match "listen" in this site's PHP-FPM pool.
fastcgi_pass unix:/run/php/php8.1-fpm.site1.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
PHP POOL
; PHP-FPM pool for site1: PHP workers for this site run under the site's own account.
[site1]
; Worker processes run as site1:site1, so PHP code gets exactly this account's file access.
; NOTE(review): that only isolates sites if other accounts cannot read or write this site's
; files. The directory listing on this page shows wp-config.php as -rw-rw-rw- and .tmb as
; drwxrwxrwx (world-writable), and the remaining files and directories as world-readable.
; NOTE(review): no php_admin_value[open_basedir] is set in this snippet — confirm whether
; PHP should be confined to the site's own directory tree.
user = site1
group = site1
; Unix socket that nginx's fastcgi_pass connects to.
listen = /run/php/php8.1-fpm.site1.sock
; Socket ownership decides who may connect to this pool. listen.mode is not set here,
; so PHP-FPM's default of 0660 applies: only www-data (user or group) can use the socket.
; presumably nginx workers run as www-data — confirm.
listen.owner = www-data
listen.group = www-data
; NOTE(review): listen.allowed_clients only applies to TCP listening sockets; with the unix
; socket above it has no effect, and access is governed by the socket's owner/group/mode.
listen.allowed_clients = 127.0.0.1
; Process manager: spawn workers on demand within the limits below.
pm = dynamic
; Hard cap on simultaneous PHP workers for this site.
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
PERMISSIONS
root@ip-172-26-10-206:/var/www/site1.xxx.mobi/public_html# ll
total 24M
drwxr-xr-x 7 site1 site1 4.0K Jan 14 01:35 .
drwxr-xr-x 3 site1 site1 4.0K Jan 13 23:53 ..
drwxr-xr-x 2 site1 site1 4.0K Jan 14 01:35 .quarantine
drwxrwxrwx 2 site1 site1 4.0K Jan 14 01:35 .tmb
-rw-r--r-- 1 site1 site1 405 Jan 14 01:32 index.php
-rw-r--r-- 1 site1 site1 24M Jan 14 01:32 latest.zip
-rw-r--r-- 1 site1 site1 20K Jan 14 01:32 license.txt
-rw-r--r-- 1 site1 site1 7.3K Jan 14 01:32 readme.html
-rw-r--r-- 1 site1 site1 7.1K Jan 14 01:32 wp-activate.php
drwxr-xr-x 9 site1 site1 4.0K Jan 14 01:32 wp-admin
-rw-r--r-- 1 site1 site1 351 Jan 14 01:32 wp-blog-header.php
-rw-r--r-- 1 site1 site1 2.3K Jan 14 01:32 wp-comments-post.php
-rw-r--r-- 1 site1 site1 3.0K Jan 14 01:32 wp-config-sample.php
-rw-rw-rw- 1 site1 site1 3.3K Jan 14 01:34 wp-config.php
drwxr-xr-x 6 site1 site1 4.0K Jan 14 01:35 wp-content
-rw-r--r-- 1 site1 site1 5.5K Jan 14 01:32 wp-cron.php
drwxr-xr-x 27 site1 site1 12K Jan 14 01:32 wp-includes
-rw-r--r-- 1 site1 site1 2.5K Jan 14 01:32 wp-links-opml.php
-rw-r--r-- 1 site1 site1 3.9K Jan 14 01:32 wp-load.php
-rw-r--r-- 1 site1 site1 48K Jan 14 01:32 wp-login.php
-rw-r--r-- 1 site1 site1 8.4K Jan 14 01:32 wp-mail.php
-rw-r--r-- 1 site1 site1 25K Jan 14 01:32 wp-settings.php
-rw-r--r-- 1 site1 site1 34K Jan 14 01:32 wp-signup.php
-rw-r--r-- 1 site1 site1 4.8K Jan 14 01:32 wp-trackback.php
-rw-r--r-- 1 site1 site1 3.2K Jan 14 01:32 xmlrpc.php
USER
site1:x:1001:1001::/home/site1:/bin/sh