default directory for root in vsftpd on nginx server - linux

I want to change default directory when root user login via ftp.
At present I am getting root directory but i want to set it as
/usr/share/nginx/html
I am on nginx server with ubuntu 14.04

Change the env. variable HOME from .profile file with the updated directory path.

Related

How to avoid permissions problems with node and nginx directory structure?

On my production server I'm successfully using nginx to host a static site and as a reverse proxy for a node app. Currently, the node app is in /home/myUserName/apps and the site is in /var/www/siteDomain.com/html.
On my local/development machine, the html directory is inside my apps directory (../apps/html). I want to have the same directory structure in production, so that I can clone my git repository and then just run npm install in case the package.json has changed (node_modules is in .gitignore).
I get permissions problems when using git and npm in /var/www/siteDomain.com because the owner is root and siteDomain.com is drwxr-xr-x. I can clone my repo using sudo git, but then all the subdirectories (including html) are owned by root which causes problems (would have to use sudo npm, which I read can make more problems, cannot manipulate files in ftp...).
The other way I could do it is clone the repo to /home/myUserName/apps, where everything is owned by my non-root user, and then change the nginx config file to point to /home/myUserName/apps/html as the root for the static site.
What is the best way to structure my directories so that I don't have permissions problems when using git and npm? Is pointing the html root to something outside of /var/www unusual or will it problems in the future?
P.S. my local machine is Windows, I'm not very experienced with linux (which is running on production server)
You can create projects directory in /home/username/projectname
Run nginx without root permissions like described below.
Add/Change the following in your /etc/nginx/nginx.conf:
user nginx;
You should create the user and grant permissions on the webroot directories recursively.
This way only master process runs as root. Because: Only root processes can listen to ports below 1024. A webserver typically runs at port 80 and/or 443. That means it needs to be started as root.
To run master process as non root user:
Change the ownership of the following:
error_log
access_log
pid
client_body_temp_path
fastcgi_temp_path
proxy_temp_path
scgi_temp_path
uwsgi_temp_path
Change the listen directives to ports above 1024, log in as desired user and run nginx by nginx -c /path/to/nginx.conf.
And your node directory must be placed in /home/username/projectname.
Add node user, nginx user and git user to the common group and check projects permissions.

Vsfp user don't see any data linux Rhel/Centos

I tried creating vsftp server on Rhel 8 and centos. My ftp Users can login into server but only sed list of directory's and are able to navigate to any directory.
User cannot create directory or file
User cannot see any files in any directory.
I chnage chmod 777
And changed ownership but nothing works
It was selinux config I had to change under /etc/selinux/config
changed enforcing to disable

Nginx can't access root directory in sites-available

I have basic nginx set up on my Digital Ocean droplet (Ubuntu). I have only one root user. In my nginx configuration file in location I have
server {
listen 80;
server_name site.com;
root /var/www/html/site;
}
I tried to change it to
root /root/site
But it gives me 403 Forbidden error. When I change it to nginx default directory
/var/www/html/site;
everything works fine.
Why is it giving me that error? I understand that only root user has access to root directory, but why can't browser only read files from there? Is it okay to create another folder, not like "/var/www/html/23rdsquad;" somewhere on my server (not /root or /var/www) and use that instead?
Your Nginx user does't have permission to read directory /root/site, so:
Check directory permission
user#user:~$ ls -l /root/site | grep site
drwxrwxrwx 7 user user 4096 ago 17 16:56 site
Check Nginx user
user#user:~$ ps aux|grep nginx|grep -v grep
Nginx user configuration is "/etc/nginx/nginx.conf"
vim /etc/nginx/nginx.conf
Usually you have
"user www-data;"
1) Change directory permission either Nginx user.
2) Restart Nginx service
user#user:~$ sudo systemctl restart nginx

let eclipse have access to root files and folders

I'd basically like to enable Eclipse to set up a workspace in the document root of my apache server, i.e. /var/www
Right now, I'm using a terminal sudo to copy everything from local Eclipse workspace to /var/www in order to load the files on the localhost.
I could point document root to home/user/eclipse/workspace but there are other files in /var/www that I'd like to keep.
How would I be able to let Eclipse setup a workspace in the path /var/www which is normally restricted to only super users?
Thanks.

Protect htdocs directory

I have a web application wrote in php , working with Apache in a Linux server, the problem is that this server can be access by many users, what I want to do is , restrict the htdocs folders without broke the permissions that need Apache in order to display the web application.
My idea is something like this:
User Administrator (is in the sudo group, and in administrator group) Have access to htdocs.
User Deb (is in the sudo group,and in standard group) No have access to htdocs
By access I mean, copy and modify, the php files.
In most Linux distributions Apache is run under a specific user, for example apache under Red Hat and www-data under Debian and Ubuntu. The root user and every user in the sudo have access to all files on the file system. Combining these gives you your solution: change the owner of the htdocs directory to the user under which the server is run and change the rights on the htdocs directory to 0700. So:
$ cd /[path to parent dir of htdocs]/
$ chown <apache user>:<apache group> htdocs
$ chmod 0700 htdocs
This way only the apache server user, root and users in the sudo group have access to the htdocs directory.
You can set the htdocs folders to be readable only by group www-data and add users who are allowed to do changes ther into the www-data group.
drwxrwx--- www-data www-data vhosts/

Resources