Member Avatar for lukas.vandendijssel

Hello,

I am sharing my webserver with a few people and I am trying to create some sort of an admin panel for them. It has to be able to change Apache VirtualHosts and reload Apache. Now I can make the config-changing PHP code, but there are 2 Apache-related problems.

  • I want only my script / all scripts from my VirtualHost to be able to write to a specific directory. So I don't want other people to be able to write a simple PHP script to bypass my config script screw around with Apache config/
  • I want only my script / all scripts from my VirtualHost to be able to reload Apache (through a shell command). Again, I don't want other scripts to be able to do this.

Running Apache 2.2 with PHP 5.3/5.4 (not really sure) on Debian Squeeze Linux.

Not sure if this is the right place for this stuff, sorry.

-Lukas

  • 4 Contributors
  • 10 Replies
  • 298 Views
  • 3 Days Discussion Span
  • Latest Post Latest Post by lukas.vandendijssel

Recommended Answers

All 10 Replies

Member Avatar for LastMitch

I am sharing my webserver with a few people and I am trying to create some sort of an admin panel for them

What do you mean by that? I mean you can create login pages for each people.

Are you talking PHPMYADMIN?

Member Avatar for lukas.vandendijssel

No, not PHPMyAdmin. I'm trying this:

They (my clients) each have their own webspace, /home/username/www/domainname.com.
And let's say an other user has the webspace /home/otheruser/www/otherdomain.com.
If I was username and I would create a file upload script, I would give Apache folder permissions for /home/username/www/domainname.com/uploads.
But otheruser could then easily access/change the files in /home/username/www/domainname.com/uploads through a PHP script.
So my idea was to make it possible for the users to grant only specific domains or something like that access to a folder.

I can't update the damn question! Aargh!

Edited by lukas.vandendijssel
Member Avatar for LastMitch

So my idea was to make it possible for the users to grant only specific domains or something like that access to a folder.

You can create a login page to that folder.

I wouldn't touch the Apache folder permission. I can't recommend something like.

If the folder have webpage and also images or other stuff you can create a login page and put it in the folder.

So if a person who want to sign in to the folder, all that person needs to do is to login.

Member Avatar for lukas.vandendijssel

I use a PHP script to upload files to the folder. Using something like a .htaccess password protection won't allow me to do that.

Edited by lukas.vandendijssel
Member Avatar for lukas.vandendijssel

I am using a PHP script to upload files. Now, I want to prevent other people on my server to do that with a PHP script (because Apache uses one user for all websites).

Member Avatar for lukas.vandendijssel_1

No, that's not what I'm looking for. When I give Apache folder write permissions, every domain on that server can write to the folder. BUT ONLY MY SCRIPTS ON MY DOMAIN SHOULD BE ABLE TO DO THAT!!!

Member Avatar for pritaeas

The problem here is that the PHP user on Apache already has rights to all those folders. This is not easily solved. If you want I can move this to the linux forum, perhaps someone there knows a way.

Please refrain from shouting.

Edited by pritaeas
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.