Webinoly is just the perfect tool for NGINX experts. Give it a try!
+1 vote
1.2k views
by Rookie
closed by
Hi,

I don't like the wordpress files to be owned by www-data, so I made my own script to change file ownership as I see fit. However, every time I add a new site, webinoly resets ownership to all files in the www folder back to www-data

Can you please remove the chown -R www-data /var/www in /lib/sites and replace it with

chown -R www-data /var/www/$domain

(line 552)

So it will only replace ownership in the new installation, not the whole www folder.

Thanks!
closed with the note: Duplicate

1 Answer

–1 vote
by Expert
No, I won't do that!

Wait for the next update, the "internal-api" will be extended and you will be able to add "custom-actions" with every command. Right now it just work with the "stack" command, in the next major update (v1.8.0) of Webinoly it will be extended to all the other commands.

Regards.
by Rookie
Why wouldn't you do that? Chowning all the files to www-data is a bad idea anyway, it's basically the same as chmoding them to 777. A backdoor in one plugin can not only ruin one site, but the whole server will be corrupted. It is a very bad safety practice.
by Expert

This has been discused several times before, please search for those discussions here and github.

The short story is that it makes sense in shared hosting enviroments, not in VPS or dedicated.

Here is a better explanation: https://webinoly.com/en/faq/#2a3mfR

Regards.

by Rookie
I have 15+ years of experience with unix/linux, vps and wordpress, I understand how unix permissions work and I have my own brain to figure out what is safe, so I don't need to read discussions about this.

Any php script, accessed through http(s) can write to any file owned by www-data (unles it has the write bit is set to 0, which in your case id doesn't). This means that if anyone who has administration rights uploads a plugin that is infected, or if the wordpress repo is hacked, or a premium plugin update site goes into the wrong hands (happend many times), the attacker can throug an infected file do whatever he pleases to your php files throughout all your server.

Anyway, I am not even asking you to do things my way, I am just asking you not to reset file ownership on all sites every time a new site is created. Why is this a problem.

(I updated your script myself, but I'd like to be able to upgrade without having to reaply my patch every time)
by Expert
Impressive CV!

Thanks for your "expert" advice.
Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.
Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...