why apache and nginx user is www-data but php-fpm user is user account oh hestiacp
Probaly you speak about public_html folder. It’s only this specific folder which is user:www-data, otherwise there would be a permission log entry. All other files within that folder are user:user.
Thanks for your reply. I dont speak about public_html. apache user in hestiacp is www-data, also nginx user is www-data but php-fpm user is owner of domain
Mainly security reasons.
www-data:www-data is de default user where Nginx / Apache2 runs under. It is impossible to run Apache2 or Nginx under each user without magic tricks. (Mod-itk and so on ) How ever this does not work under mpm_event mode (Default for Hestia)
php-fpm is running under the user so files created by php are readable / editable by the user. Otherwise you might run in in issues as you can’t delete a certain folder.
Vestacp run apache2 under user. It would be good if apache and nginx run under user.
Why do you think it is better?
VestaCP is running with modphp + mpm prefork so they are force to do it otherwise you have the issue described as above. With the changes we have made it is not need and it will increase security. So why is it better?
In case of different user for apache and php-fpm When I want set directory permissions, I must consider that directory has executable by apache and php-fpm and when users are different it take more work. Anyway I’m not professional but you are and you are right.
I set user:www-data for owner of file and direcories and use 400 permission for files and 510 permission for directories. Do you suggest better way for owner and permissions or it is good?
Set the owner to user:user and 644 for files / 755 for folders and you are done.
Again we follow recommendations from both php and apache2 / nginx It self
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.