> My situation before was:
> /var/www/html -> owned by apache:apache
BAD, apache don't need to own this directory, only to read it
Very common way to decrease security.
(perhaps it may need to be able to write in some sub-directory, e.g.
upload, temp, cache, ...)
> httpd -> running as apache:ap
Hi,
Thanks for the details.
So I continued delving into the nginx instance configuration. There were a
couple more of files in /etc/phpMyAdmin and /var/lib/php,
/var/lib/phpMyAdmin belonging to user root and group apache as per default
installation. After some more fixes everything went well, but
Hi,
Thank you for the reply. Was not saying that it is the most secure
configuration, my point was that in that way everything is not working out
of the box on nginx while on httpd it is transparent.
In my opinion, default installation should work without modifying my system
configurations; securi
Hi everyone.
I was playing with a toy server using Fedora 26 Server. I was running a simple
configuration with httpd, nginx+php-fpm trying to install and serve some CMSs
to test them before going live.
Of course, only one web server was running at a time, and they both had their
root pointing a
