...
PHP Directory | Ownership | Files and Directory Permissions | Comment |
---|---|---|---|
/opt/web/ | serveradmin:www-data | serveradmin:www-data rwXr-X--- | Main folder for all web related work. |
/opt/web/php/ | serveradmin:www-data | serveradmin:www-data rwXr-X--- | Top level folder for PHP. |
/opt/web/php/tmp/ | serveradmin:www-data | serveradmin:www-data rwXrwX--- | PHP requires write access to this folder for temporary files. |
/opt/web/php/logs/ | serveradmin:www-data | serveradmin:www-data rwXrwX--- | PHP requires write access to this folder for log files. |
...
Code Block | ||
---|---|---|
| ||
cd /opt/web/php/
sudo mkdir ./tmp/ ./logs/
sudo chown -R serveradmin:staff ./tmp/ ./logs/
sudo chmod -R u+rwX,g+r-w+X,o-rwx ./tmp/ ./logs/ |
...
Code Block |
---|
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/open-basedir
open_basedir = /opt/web/php/ |
This helps minimizes the amount of damage that can be done in the event that the system is compromised to the specified directory.
...