1

in directory /home/username/public_html I have a website with CMS.

When I change chmod of /home/username directory to 750, my site doesn't work. I believe my CMS have no access to it.

Is there any way to improve /home/username directory security by chmod, so the website in subdirectory still works well?

1 Answers1

0

If you absolutely need your website to be in /home/$user/..., then you could change the permission of your directory like this : Create a group for this directory

groupadd home_user

add your user, and the user executing the CMS (e.g. wordpress) inside this group.

usermod -A -g $user  home_user
usermod -A -g wordpress  home_user

Then change the permission of your home folder:

chown $USER:home_user /home/$USER
chmod 770 /home/$USER # or 750 if it is enough

Then it should work.

BUT !

Having your website in the home folder, this is bad practice. It would be better to have it under /var/www/ or /www/ or /opt/www/

Then it is easier to segregate. You give the authorisation to this folder ONLY to the user which is running the website. And he has no other permission.

vinalti
  • 101
  • 4
  • Sometimes services save some config files under /home/user folder. When change chmod to 750 of the user dir, does it break something too? –  Jan 25 '22 at 18:39
  • Not that i know of. Who is gonna write to your home : The softare you may launch (they have your UID), the system services (they are root). So I don't see any reason for that to not work – vinalti Jan 25 '22 at 18:42
  • no service writes by default to any home folders. tell us more about this kind of story – djdomi Jan 25 '22 at 20:53