Get alerted when assets are down, slow, or vulnerable to SSL attacks—all free for a month. Learn more

Question

After setting up 1-Click LAMP, how to properly create users for 2 virtual hosts (2 domains) with right file permissions ?

Hi, I just set up a LAMP droplet following the 1-Click install guide. It worked fine, i have ssh access

I am now logged in as root.

The web root is now at /var/www/html which can be accessed through the droplet’s public ip or the domain name i ‘attached’ following this part of the guide :

... Two DNS records:
    An A record from a domain (e.g., example.com) to the server’s IP address
    An A record from a domain prefaced with www (e.g., www.example.com) to the server’s IP address

Now, i would like to create 2 users. Each one will be for managing a distinct website (distinct domain name and folder)

I tried doing this vhosts configuration a few months ago (not on digitalocean droplets), i had tons of file permission related errors

Is there a guide that i can follow for this specific usecase ?

Thanks

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

KFSysSeptember 23, 2020

Hi @GroovySTK,

I’ll recommend using an Apache Module : apache2-mpm-itk. This module is an MPM module for the apache web server which allows you to run each of your virtual host under a separate uid and gid i.e. the scripts and configuration files for one virtual host are completely separated from that of others and therefore no longer have to be readable for all of them.

First step is to install apache2-mpm-itk and enable it in order to use its functionality :-

sudo apt-get install apache2-mpm-itk
 
sudo a2enmod mpm_itk

Now a very simple virtual file for a domain should look like

<VirtualHost *:80>

ServerAdmin webmaster@localhost
DocumentRoot /home/user1/public_html/
 
<IfModule mpm_itk_module>
AssignUserId user1 user1
</IfModule>
 
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
 
</VirtualHost>

Notice the

<IfModule mpm_itk_module>
AssignUserId user1 user1
</IfModule>

That’s your way of separating with users.

Regards, KFSys

Try DigitalOcean for free

Click below to sign up and get $100 of credit to try our products over 60 days!

Sign up