How to block others not to use apache

September 25, 2012 at 06:11:00
Specs: Linux x86_64
hi everyone..
i need to block other users not use apache conf and document root.
I created apache user and group and edited in /etc/apache/envavors
i change the ownership of /var/www and /etc/apache2 to user 'apache'
i change 700 permission for /var/www /etc/apache
how to block others not to use apache.
By using sudo command others can write so i need to block that. Please any1 give me idea

See More: How to block others not to use apache

Report •

#1
September 25, 2012 at 06:19:12
"By using sudo command others can write so i need to block that. Please any1 give me idea"

Simple, don't give them sudo rights.


Report •

#2
September 25, 2012 at 20:14:04
# User privilege specification
root ALL=(ALL:ALL) ALL
apache2 ALL =/etc/init.d/apache2

# Members of the admin group may gain root privileges
%admin ALL=(ALL:ALL) ALL

# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

what should i remove from this???
which rights i need to block?? please reply


Report •

#3
September 25, 2012 at 22:17:52
i blocked other user to not use apache.
Thank you.
i allowed to use apache2 for apache user only by using command

sudo setfacl -m u:apache-dev:rwx /var/www
sudo setfacl -m u:apache-dev:rwx /etc/apache2
but
other users can create directory and file by using cmd
sudo vi /var/www/index.html
How to block this please help

Report •

Related Solutions

#4
October 3, 2012 at 01:45:31
Like FishMonger said, if you don't trust people to not use sudo to edit a file, then either don't give them sudo rights at all, or edit your /etc/sudoers file so that the group they are in cannot execute commands as root.

Report •

Ask Question