How to run each virtual host as a separate user?
May 01, 2012 03:25AM
I currently have a web server which is running NginX 1.0.15 on Arch Linux with the following libraries: PHP-FPM, Python, Perl, and Ruby. With all these libraries, I kinda need to lock down my server. Before, I didn't have to worry about other users creating scripts or anything else, but recently I've need to open up the server to my clients.

My issues is how do I secure each virtual host folder so that if a script is created within one virtual host, it cannot access other virtual host folders. With PHP-FPM there are ways to get around it, one way is to create separate processes for each virtual host, but that's just PHP and that's a solution which I would like to only use if I have to.

I've asked this question on reddit and stack overflow and I haven't gotten the answer to my question.

On reddit, http://www.reddit.com/r/linuxadmin/comments/t045c/securing_virtual_hosts/, I went into detail about my issue, so please do read the post to get more background about my issue.

On stack overflow, http://stackoverflow.com/questions/10391600/is-there-anything-that-can-mimic-the-apache-modules-mod-suexec-behavior-with-ng, I asked if there is something that mimic's the apache module Mod_suexec for NginX, didn't really get a response I was hoping for.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 210
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready