1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is it ok to set xenforo user and group to apache?

Discussion in 'Server Configuration and Hosting' started by daimpa, Jan 20, 2015.

  1. daimpa

    daimpa Member


    it's the first time I'm working on a dedicated server so I'm having some troubles with permissions (also for wordpress :D).

    At point three of the installation tutorial I read that you suggested to chmod 0777 two folders. While installing xenforo asked me to do this, but instead of chmod 0777 the folders, I've assigned ALL xenforo files/folders to user "apache" and group "apache".

    According from your experience, is this fine and won't cause any security issue? Thanks.
  2. CyclingTribe

    CyclingTribe Well-Known Member

    I'm not sure why you decided to change the user and group settings - it won't affect the permissions.

    Change them back to their previous values and then do the #chmod 0777 on the specific folders as instructed. (y)
  3. daimpa

    daimpa Member

    Hello @Clickfinity , first of all thanks for the reply. I'm not an expert, but it changes as before than having folders assigned to apache, the installation didn't let me complete al the task. After I've changed folder owner to apache, I've been able to complete the installation.

    It has sense that it changes, because my httpd is running as user "apache" and not as the other user. I'm running all wordpress things as apache, so I'd like to run xenforo as apache too if possible, but I've to be sure that this doesn't have any security issue :)
  4. Slavik

    Slavik XenForo Moderator Staff Member

    If your files are owned by the web server, it means that it is able to write and edit to them. You should try to ensure that the files are owned and are in a different group to apache. As an example in my LiteSpeed server setup guide, the files are owned by root/root but the web server is lsws/lsws so it can only write to the specific folders set to 777.
    CyclingTribe likes this.
  5. daimpa

    daimpa Member

    Ok, now your message is worring me as I've assigned apache as user and group to all files/folders of wordpress :D Will take a look at your tutorial, thanks in the meanwhile!
  6. CyclingTribe

    CyclingTribe Well-Known Member

    Usually Apache's user is 'www-data' and its group is 'www-data'. If you're going to host more than one site on the server you might want to look at setting up a different user/group combination for each one - using Apache Virtual Host for each site. This will give you better control over permissions and hosting settings, and should help you identify which site is at fault in the case of any errors or problems. (y)

    You might also want to consider putting all of your websites under one main directory, such as ... # /home - so your sites will be # /home/<user>/public_html

    For reference, here's the Apache documentation: http://httpd.apache.org/docs/current/

Share This Page