Secure permission structure for server blocks?

B.R. reallfqq-nginx at
Mon Sep 9 09:29:29 UTC 2013

Since the problem comes from the dynamic language PHP, you can create
several pools using different user/group pairs.
You could use 644 (or 640) permissions with user = PHP user on a specific
directory and group = Web server group with read-only permissions.

Raw idea of the big picture, There must be some details to check (such as
verify PHP isolation/jail/chroot inside pools).

My (quick) 2 cents,
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list