Question

2

Prevent user from viewing and editing /var/www folders

rated 0 times [ 2] [ 0] / answers: 1 / hits: 1630 / 3 Years ago, thu, may 13, 2021, 8:33:35

I need to be able to restrict a secondary user that I'm creating from even viewing /var/www as it contains some sensitive information in its PHP files.

Currently, the user is able to view the files (but not modify them). How can I prevent them from even viewing the files without disallowing my web server (apache) from being able to read and execute them?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

anoalk

Add To Favorites

Follow

Total Points: 271

Total Questions: 90

Total Answers: 112

Location: Zambia

Member since Wed, Dec 16, 2020

3 Years ago

anoalk questions

1 Explanation of files under /etc/NetworkManager?

Wed, Mar 15, 23, 04:06, 1 Year ago

1 Can I install software from debian package without internet

Fri, Sep 24, 21, 02:59, 3 Years ago

1 Ubuntu Server VM (Hyper-V): formatting of sda2 partition (mkfs.ext4 -G 4096 /dev/sda2) before install

Tue, Oct 5, 21, 14:02, 3 Years ago

1 Start KeePassXC on boot

Sat, Mar 5, 22, 02:33, 2 Years ago

1 How do I change the date language in the terminal?

Tue, Mar 22, 22, 07:19, 2 Years ago

View All

answered 3 Years ago piscen · Accepted Answer

You may want to use Access Control Lists. They are a more advanced way of handling permissions than the default way. For example, in your case you can use:

setfacl -R -m u:username:--- /var/www

More about:

Ubuntu Access Control Lists

man setfacl