Hi,
What user did you use to run nginx? And php?
Now I´m using nobody:nogroup but I´m planning in change to www-data.
Or shoul I create a nginx user?
What is more secure?
Personally I created a dedicated user for running nginx and my
applications. This enables me to log into my server through that user
and do manual tweaking without messing around with permissions and
root access.
I would also be interested to know how people handle that.
On Sun, 2008-07-13 at 19:43 +0200, Thomas wrote:
Personally I created a dedicated user for running nginx and my
applications. This enables me to log into my server through that user
and do manual tweaking without messing around with permissions and
root access.
I have the application files owned by one unprivileged user, and the web
server runs as a different unprivileged user. Login is disabled for the
web server user.
This way, the web server can’t alter the application, and a user logging
into the system to edit the site need not be root.
If you have multiple people allowed to edit the live files, consider a
subversion repository, or failing that, a webmasters group, where all
the application files are g+w and owned by webmasters.
Regards,
Erek Dyskant