• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

web directory ownership/permissions problem

A

AidanC

Guest
Hello,

I'm having a problem with the way the ownership/permissions on web directories is set up. The problem is the apache user needs to have write access to web directories for a lot of CMS type functionality involving updating files to work.

When I add a new domain the permissions are set just like indicated here: http://download1.parallels.com/Ples...nistration-guide/index.htm?fileName=60914.htm

e.g. for httpdocs the user is the account username and group is psaserv and the permissions are rwxr-x--- and the permissions for files within are rw-r--r--

CMS programs such as Wordpress that need to write files cannot do so with this setup because apache does not have write permission. So I'm wondering what is the best or standard way to fix this problem? I can manually change the permissions on the files to rw-rw-r-- (ie. add write permission for group) but I have no idea if this is the best approach. Also I need to have it set up so that the permissions are set correctly whenever I add a new domain - how do I control the default permissions?

This must be a common setup requirement for most websites so I'm hoping someone can help me get it set up right so that I don't have to keep messing around with manually changing permissions.

Thanks in advance,
Aidan
 
Thanks Valics for sharing this. However I investigated suphp and found out it comes with a significant performance hit: 'suphp is some 25 times slower than mod_php' - http://blog.stuartherbert.com/php/2008/01/18/using-suphp-to-secure-a-shared-server/.
I'm running a small VPS with limited resources so if this info is correct, I don't think suphp is a suitable solution for my case.

If anyone has any other suggestions for setting up web directory ownership/permissions, please let me know.
 
As far as I know is your only way suphp or fcgi to solve youjr problem.
We manage arond 20 servers, half is VPS and all have installed mod_suphp and so far noone complained about slow response. Also we have installed now on over 100 servers our solutions (HOW TO) and so far was perfect.
I think that benchmark was not done in the right way, but maybe I am wrong, for us is working perfecctly.

In our HOW TO also you will see that you can add Ioncube, APC Cache and Zend Optimizer, so this will solve your problem on speed.
 
I'm reluctant to install anything that can increase usage of resources because I've been dealing with apache crashing due to running out of memory so I've stripped out as many modules as possible to get it stable. For now I think I'd rather stick with manually changing permissions rather than risk adding any additional load to the server.

I thought there might be some simpler solution that doesn't involve installing any additional modules. Is there some way I can alter the default permissions that get setup when a new domain is added through Plesk? What I'm thinking is I would like to change the default file permission from rw-r--r-- to rw-rw-r-- and then apache would have write permission for all files through groups permissions. Wouldn't this solve the problem without compromising security? So is there a way to change it so that Plesk sets up new domains with these permissions?
 
I'm having a similar issue. Basically I would love to know why and how to change a client domain group from or to apache vs. psaserv vs. psacln. We host clients for Wordpress websites and since our migration to Plesk 10 we've noticed that all of our client's Wordpress blog sites now require FTP to update plugins and wordpress versions.

..So in looking at the client's File Manager within their control panel, we can't change file permissions for some directories with "psaserv" group. Some directories have apache as the group, some psaserv and some with psacln. Very simple questions:

1. How do we change the group type for a given directory? I would assume this should able to be accomplished with out master Account Center plesk control panel but I can't find it anywhere or any documentation from Parrallels.

2. How do we enable the ability for a client to change file/folder permissions for all group types (apache, psaserv, etc.)?

3. What's the best group type to use and why?

4. Why does this setting default this way to begin with when creating a new customer, subscription, domain for a web client?

Thanks anyone who can explain this in simple clear terms. We appreciate it greatly.

Michael
 
Hey Icalics - get off of this forum and stop promoting you own stuff. The forum is intended for community based support and not personal/business sales. Take a hike dude!

Michael
 
Mike, mod_suphp is not our stuff, it is a well known php module (http://www.suphp.org/). If you read a little bit about this, you will known. And it is free and can be found in ART repository. Nothing to do with our stuffs.
Also you can use mod_ruid2 but I cannot promote that because we do not use it and I cannot help on that module.
And yes, I will promote SUPHP because we have solved the same issue (joomla, wordpress etc) on a few hundred server where we installed this module.
Thank you.
 
Group Permission/Ownership issues via Plesk

I've recently inherited a dedicated server from Media Temple which uses Parallels Plesk. Every install of a domain or subdomain has the issues of programs like Wordpress or Joomla assigning permission of files to apache instead of the group which prevents writing of any file for updates by the application. This is a major inconvenience and one not seen using WHM.

Media Temple's solution is to run PHP as FastCGI. So far this seems to work, however, your mileage may vary.

Hope this provides some solution to this problem on servers running Plesk.
 
For those who still use it, Password Revealer now will work with encrypted passwords - PLESK 11+ (Power Toys)
 
You must log in or register to reply here.

Similar threads

andreios
Issue Warning: Custom template has insufficient permissions: nginxDomainVirtualHost.php
Replies
3
Views
6K
Maarten
M
J
Issue Malfunction in Diagnose & Repair -> file system
Replies
0
Views
3K
johnrdorazio
J
L
Installation failed: Could not create directory in wp-content/upgrade
Replies
2
Views
826
Leta
L
H
Issue Php session problem
Replies
0
Views
158
hunterwolf
H
J
Resolved Error 500 internal server error (But I don't have more information)
Replies
7
Views
4K
rucabado
R
Back
Top