Apache 2 file privileges and modules
Thursday, March 15, 2007 at 8:35PM File privileges
The following table shows which ownership and privileges the Apache files and directories should have. The ownership can be changed with the chown command, the privileges can be adjusted with the chmod command. Note, that the parent directories of these directories need to be modifiable only by root. All changes need to be performed in this order.
| Subject | Ownership (user:group) | Privileges |
| Binary directory | root:root | 755 (rwxr-xr-x) |
| Binary files, such as the httpd executable | root:root | 511 (r-x--x--x) |
| Configuration directory and files | root:root | 755 (rwxr-xr-x) |
| Log files and its directory | root:root | 700 (rwx------) |
| Content files and directories | apache:apache | 500 (r-x------) |
| Rails log and tmp directories and subdirectories | apache:apache | 700 (rwx------) |
Modules
# apache2 -l # or httpd -l
The following modules are a good basic:
- Core, Http_core and Mpm_common: these are always needed
- Prefork or Worker MPM: read the first part to learn more about them
- Mod_alias, everything with mod_auth..., Mod_log_config, Mod_mime, Mod_negotiation, Mod_setenvif: see the Apache documentation for more on these modules.
- These are extensions, but you need them Mod_rewrite (if you use FastCGI, for example), Mod_so (to load modules dynamically)
- you can generally disable these: Mod_cgi, Mod_cgid, Mod_actions, Mod_env (for CGI scripts), Mod_dir, Mod_autoindex (directory listings!), Mod_info, Mod_status (they provide sensitive information!)
Reader Comments (95)
Xanax sideeffect....
http://www.hicahs.colostate.edu/forum/topic.asp?TOPIC_ID=557
Free cartoon sex....
[URL=http://phpbb1.info]fot1[/URL] http://link3.info
...
great advice...
vibyzacp bhqd dquiymbe rnfgpyt dvkawzgy uveqmpfjs ebjynf