开发者

Should I add a user to the apache group

I have a wordpress website that has multiple developers trying to access it and they want to use the built-in theme editor. the theme editor requires write access for the apache group.

I'm trying t开发者_如何学Goo figure out how to do this and I was thinking about adding all the users the the apache group? Is that a bad idea? is it unsecure?

Each user has to log in with their user account via sftp. They each must be able to write to the files. It would be fine to make a group for them, since they use the theme editor, the group needs to belong to apache.

According to the Wordpress codex, the theme folder is made to be fully writable, but I just don't feel comfortable with that. I would rather keep user and group permissions for access


Secure way would be to add separate group for that wp site, and add all needed users to that group. To make web editor work, you can just add apache itself to said group as well, or (better, but more complex to set up) use suexec to run your wp as separate user, therefore separating it from other sites and the system.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜