User Tools

Site Tools


website-setup-and-configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
website-setup-and-configuration [2019/11/20 17:17]
mtb76 [Permissions] fixed formatting in code block
website-setup-and-configuration [2019/11/20 17:34] (current)
mtb76 [Permissions] simplified content, streamlined layout
Line 20: Line 20:
 ==== Permissions ==== ==== Permissions ====
  
-In order to allow access to your website, your ''public_html'' directory needs to make sure the webserver has both read and execute permissions. To set these permissions, you could run the command''chmod 755 ~/public_html''. Keep in mind that this command only sets permissions on the top level of your web root unless you use the -R flag. If you already have files and folders in your public_html folder, you may need to add the -R (recursive) flag: ''chmod -R 755 ~/public_html''.  You will need to ensure that any files you want to be visible have the same permissions as your ''public_html'' folder itself.+<note tip> 
 +This section outlines two ways to set permissions such that the web server can display files in ''public_html'' - first using standard Linux permissions, and second using ACLs. Either approach should work properly on its own. 
 +</note> 
 + 
 +In order to allow access to your website, the webserver needs both read and execute permissions on your ''public_html'' folder and execute permissions on all parent folders. To set these permissions, you could run these commands 
 + 
 +<code> 
 +chmod -R 755 ~/public_html 
 +chmod o+x ~ 
 +</code> 
 + 
 +You will need to ensure that any files you want to be visible have the same permissions as your ''public_html'' folder itself. 
 + 
 +=== Using ACLs ===
  
 Another slightly more nuanced way to accomplish this is to use Linux Access Control Lists (ACLs).  You could leave the standard permissions as they are and give only the ''www-data'' user (the user used by the webserver) the read and execute permissions.  To apply the needed ACLs you would type the following commands into the terminal: Another slightly more nuanced way to accomplish this is to use Linux Access Control Lists (ACLs).  You could leave the standard permissions as they are and give only the ''www-data'' user (the user used by the webserver) the read and execute permissions.  To apply the needed ACLs you would type the following commands into the terminal:
 +
 <code> <code>
-  setfacl -Rm u:www-data:r-x ~/public_html +setfacl -Rm u:www-data:r-x ~/public_html 
-  setfacl -d --set u:www-data:r-x ~/public_html +setfacl -d --set u:www-data:r-x ~/public_html 
-  setfacl -m u:www-data:--x ~+setfacl -m u:www-data:--x ~
 </code> </code>
-The first command sets the permissions to read and execute just for Apache.  The second one makes these the default permissions for all new folders and files created.  The final line puts execute only permissions on your home directory to the public_html folder can be seen by Apache, even if you have no permissions for the world on your home directory. 
  
 +The first command sets the permissions to read and execute just for Apache.  The second one makes these the default permissions for all new folders and files created.  The final line puts execute only permissions on your home directory to the public_html folder can be seen by Apache, even if you have no permissions for the world on your home directory.
  
 Using Linux ACLs allows you to be more specific about who gets access and who doesn't.  So rather than giving read and execute access to the world, you just give it to the webserver so it can display your webpages. Using Linux ACLs allows you to be more specific about who gets access and who doesn't.  So rather than giving read and execute access to the world, you just give it to the webserver so it can display your webpages.
website-setup-and-configuration.txt · Last modified: 2019/11/20 17:34 by mtb76