Setting Up User Permissions in Linux shared Hosting in India (1)

1. Setting Up User Permissions For Linux Hosting in India Introduction The most common error your business and its users can encounter under Linux hosting in India is “Permission denied”, especially with various web applications after the initial server setup. Thus, via this guide, we have highlighted the solutions for setting up user permissions. They are typically applicable to all sorts of PHP projects, including those based on core and specific frameworks. So, now let’s get further into the article and know how to set up user permissions.

2. Setup Permissions For Shared Web Hosting in India 1. Multiple Users Let us take an instance here. Suppose you have a website "tins.com" that has an application root at “/var/www/tins” on the shared web hosting in India. Further, there is also a deployment user “tins” who is the proprietor of the application root and deploys code modifications. Thus, the user “tins” is required to read & write permissions to the files as well as folders in the root directory. Now, you must know that there exists a PHP-FPM process setup for executing PHP scripts, which operates as user “www-data”. Consequently, user “www-data” also requires access to write to a few files & folders and read access to every file. Therefore, in the application root directory, users “tins” as well as “www-data” must get read & write access to files as well as folders. When you are required to provide similar permissions to multiple users on your Linux Hosting Server in India, you can set up a joint group to which the users and the “www-data” can be added. On the other side, you also have the possibility to set the SGID permission. This permission is for the application root folder that helps you facilitate the new files created to inherit the identical joint group under the shared hosting. The most effective practice is to construct a new group, for example, 'www-tins' for the same objective and make it the group when devising deployment users such as 'tins'. Here you can easily add user 'www-data' to the group of Linux hosting in India.

3. 2. Unmask/PHP Settings Unmask settings involve the unmasking of the PSP-FPM user and deployment users. This enables you to make sure that the group keeps on holding access to both read & write when it comes to files and folders. With Linux shared hosting in India, in Ubuntu, the default umask meant for non-root users is 0002. However, it might be 0022 in case it has been pinched by the web host or a web hosting server administrator. Under such a setup, for instance, the user 'tins' operates a “php artisan” command on the CLI. Then, it chucks an error. This will construct a new laravel.log file in case it is not there already on your Linux hosting server in India. So, if the umask of “tins” were 0022, then the laravel.log file's permissions would be 644. This implies that the group "www-tins” only possess read permissions. For dealing with this, you can set the umask when it comes to all deployment users and the PHP-FPM user “www-data” in such a way that the group always holds both read and write permissions. 3. Proposed Solutions In order to accumulate the solutions presented above, you need to implement the following on your India Linux shared web hosting server - 1. Construct a common group (“www-tins”) that enables you to add all the users 2. While constructing deployment users such as "tins”, ensure to set their group to the common group 3. Set up the umask (0007) for the deployment users in a way that the group will always have - a. rw- permissions on files b. rwx permission on all folders 4. Now append PHP-FPM user (“www-data”) to the common group as well as setup umask (0007) 5. Further, setup the application root folder in a way that - ● Each directory or file incorporated has its group set to the common group. ● The SGID permission enables new folders or files constructed to inherit the common group. ● Adjust file & folder permissions to 660 for every file & 770 for every folder. 4. Multiple Website Hosting Permission You must note that the solution presented in the previous segment works well only if your best Linux hosting in India does not involve multiple websites. Let us take an example here. Suppose there is another project known as 'matt.com' which is also operating on the same server, with users 'matt' & “www-data” appended to a common group “www-matt”. In this case, the user “www-data” forms a part of both the groups “www-matt” & “www-tins”. This is recognized as a very typical setup. Also, it iss often the default setup on most configurations of Linux shared hosting in India.

4. This further signifies that if a script in “matt.com” is written to get the data of a file in the application root of “tins.com” (for say: /var/www/tins/public/.env), it would operate successfully. The reason behind this is that the user implementing the script (“www-data”) forms a part of both groups (www-tins and www-matt). So, it has read access to both files. At the same time, the safety implications of this setup can be very serious. In order to deal with such a situation on the best Linux shared hosting India, you should make use of configurations of multiple PHP-FPM pools. You can utilize distinct PHP-FPM resource pools for every project. In this, a different user is configured within every pool. This implies that there remains no common “www-data” user that operates the PHP scripts under multiple projects on the Linux hosting in India. Conclusion Resolving "Permission Denied" errors on the Linux shared hosting in India generally requires the devs to obtain help from the ops team. On the other hand, through this guide, you must have learned how you can fix these errors by updating the ownership or permission of particular files and folders in the application's root directory This further enables you to prevent security vulnerabilities caused due to inappropriate user permissions under the Linux hosting in India.