DigitalOcean

Report this

What is the reason for this report?
Question

Apache cannot read uploaded files by ftp users (Centos 8)

Posted on March 21, 2021
CentOS 8
Apache
Xenon032

By Xenon032

Hi, if I upload files with “ftp1” user (the ftp user) apache cannot read/write these files.

For example if I upload the file “info.php” to website directory /var/www/website and then I go to browser and type "http://server_ip/info.php! I get “Access denied.”.

I noticed that the files uploaded by ftp users have this permission: -rw------- 1 ftp1 ftp1 26 Mar 21 10:04 info.php , when the apache files have -rw-rwxr--+ 1 apache apache 405 Feb 6 2020 index.php .

About the FTP config, I set /var/www/website as ftp user home, and then I run these commands:

usermod -a -G ftp1 apache
setfacl -R -m u:ftp1:rwx /var/www/website

Thank you in advance.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
alexdo
alexdo
March 23, 2021

Accepted Answer

Hello there @Xenon032

These permissions are totally fine on a webserver. You can also check our initial server tutorial for CentOS 8 and the next tutorial on how to secure your server

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-8#step-4-—-setting-up-a-basic-firewall

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-8

Hope that this helps! Regards, Alex

0
KFSys
KFSys
March 22, 2021

Hi @Xenon032,

You’ve almost got it. You are correct it’s because of Apache not being able to access files from ftp1.

-rw-------   1 ftp1   ftp1      26 Mar 21 10:04 info.php

Adding the Apache under the ftp1 would work as well however in that case you’ll need to make sure your files that you upload should have permissions for groups to read/execute. They should look like

-rw-r--r--

This can be made by executing:

chmod 644 info.php

Regards, KFSys

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.