Difference between revisions of "Shells websites"
imported>Wikiadmin |
imported>Wikiadmin |
||
| Line 1: | Line 1: | ||
| + | ==General== | ||
You can run a website from your shell account. | You can run a website from your shell account. | ||
Simply place the html and/or php files in your public_html directory. | Simply place the html and/or php files in your public_html directory. | ||
| − | + | Your website will be visible at the subdomain yourusername.insomnia247.nl. For historical support insomnia247.nl/~yourusername is redirected to your subdomain. | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | Your website will be visible at yourusername.insomnia247.nl | ||
| − | |||
| + | ==Web proxies== | ||
If you want to run a web proxy or a php shell you are allowed to do so only under the condition that you password protect it. | If you want to run a web proxy or a php shell you are allowed to do so only under the condition that you password protect it. | ||
This also goes for any other material that can give anonymous users access to your resources.<br /> | This also goes for any other material that can give anonymous users access to your resources.<br /> | ||
| Line 19: | Line 13: | ||
| + | ==CGI== | ||
CGI is available in the cgi-bin directory of your public_html folder. | CGI is available in the cgi-bin directory of your public_html folder. | ||
| + | ==MySQL== | ||
MySQL databases are available on special request. Check the [[Shells_FAQ|F.A.Q.]] to find out how to request one. | MySQL databases are available on special request. Check the [[Shells_FAQ|F.A.Q.]] to find out how to request one. | ||
| + | |||
| + | |||
| + | ==Permissions== | ||
| + | Your Apache processes and all child processes of Apache like php and cgi etc. run as a separate user that is dedicated to your website.<br /> | ||
| + | This user is named [your-username]-www. So it can access the files in your public_html directory you and your www user are in the same group. This group is exclusive to your account so no Apache processes from other users have permission to read your files.<br /> | ||
| + | |||
| + | The practical upshot of having a separate www user is that you can now deny your Apache processes access to any files that you want to keep from being available over HTTP. (SSH keys are a good example of files where you might want such protection.)<br /> | ||
| + | Since the Apache processes access your files through group permissions all you have to do is revoke group access on them. (Hint: If you don't know how to manage file permissions read up on how to use the chmod command.) | ||
| + | |||
| + | There is a slight practical drawback to having the Apache process run as another user. Often when php processes create new files they will be created without group write permissions. This means that they are owned by your www user and you cannot easily delete them.<br /> | ||
| + | To remedy this we have introduced the '''suwww''' command. If you run this command from your shell you will be logged into your www users account giving you full permissions on any files your Apache user has created.<br /> | ||
| + | You can also use the suwww command to check and verify if your Apache user indeed does not have access to files you don't want it to. | ||
Revision as of 22:59, 8 April 2013
Contents
General
You can run a website from your shell account. Simply place the html and/or php files in your public_html directory.
Your website will be visible at the subdomain yourusername.insomnia247.nl. For historical support insomnia247.nl/~yourusername is redirected to your subdomain.
Web proxies
If you want to run a web proxy or a php shell you are allowed to do so only under the condition that you password protect it.
This also goes for any other material that can give anonymous users access to your resources.
Any copyrighted or illegal material hosted on your public site will result in automatic suspension of your account.
CGI
CGI is available in the cgi-bin directory of your public_html folder.
MySQL
MySQL databases are available on special request. Check the F.A.Q. to find out how to request one.
Permissions
Your Apache processes and all child processes of Apache like php and cgi etc. run as a separate user that is dedicated to your website.
This user is named [your-username]-www. So it can access the files in your public_html directory you and your www user are in the same group. This group is exclusive to your account so no Apache processes from other users have permission to read your files.
The practical upshot of having a separate www user is that you can now deny your Apache processes access to any files that you want to keep from being available over HTTP. (SSH keys are a good example of files where you might want such protection.)
Since the Apache processes access your files through group permissions all you have to do is revoke group access on them. (Hint: If you don't know how to manage file permissions read up on how to use the chmod command.)
There is a slight practical drawback to having the Apache process run as another user. Often when php processes create new files they will be created without group write permissions. This means that they are owned by your www user and you cannot easily delete them.
To remedy this we have introduced the suwww command. If you run this command from your shell you will be logged into your www users account giving you full permissions on any files your Apache user has created.
You can also use the suwww command to check and verify if your Apache user indeed does not have access to files you don't want it to.
