Secure permission structure for server blocks?
stadtpirat11 at ymail.com
Mon Sep 9 09:22:50 UTC 2013
I am trying to wrap my head around this for weeks now. What is the most secure way to organise the permissions of the web root directories (WRD) for several server blocks. Especially when you have PHP applications like Wordpress that download and create files in the WRD? Latter makes it difficult to control the file's owner, group and permissions.
For as "secure" is the following in my understanding: Hijacked websites (e.g. injections in Wordpress) must not be able to read or write do any other directory outside it's own WRD! I am open for more security tips, but the main topic is about directory permission structure.
I haven't found any solution to my problem in the web, yet.
More information about the nginx