olc's picture

on TKL, apache is set by default to /var/www. is this the folder to use? is this safe?

Jeremy Davis's picture

And it is quite safe to use assuming that apache runs under the www-data user account (not root) and this folder is owned by www-data. This is how it is set up by default in TKL (and many other Linux distros from my experience).

olc's picture

ok, thanks.

Steve's picture

Thanks for such an excellent appliance
I get that this dir is safe for main web content but having trouble setting up a user that has access to upload and delete
I don't want to use root but setting up a new user and pointing them at the /var/www gives me permission errors
I know this is a nube query but if you could point me in the right direction that would be great


New user test on defaults can read and write but I need new user test to be able to read and write to the www

Jeremy Davis's picture

And check that the group permissions of the folder allow "group" to read/write to /var/www. If you wish for the user to retain their home directory then just add it as a secondary group. If the user is specifically just to upload data to /var/www then you make make www-data their only group and make /var/www their home directory so FTP will automatically open there by default.

Assuming you aren't familiar with Linux command line, Webmin is probably the easiest way to do all this. "Users & Groups" (for the settings related to the user) and "File Manager" (for setting/checking file permissions - click the folder in the right pane and click Info button) are the modules you'll need to use.

Also remember that you'll need to use SFTP not just FTP.

Steve's picture

Thanks for the reply - I really do appreciate it

I did a permissions update on the /var/ww folder to  0777  - probably the equiv of hitting it with a big stick - does this have security issues over changing group membership as above?   seems to work for sftp access

Should I reload and re-check with your method anyway for security?

By the way the LAMP appliance is just awesome - I have downloaded about a million iso / vm e-sexy apps with rubbish results until  I found turnkey - thanks so much!

Jeremy Davis's picture

No worries! Are you by any chance a Windows Admin? Sorry just joking!

Well that will definately work (as you've discovered). The implications of your method are that anyone with access to your server (ie any user) can do anything to files/folders in /var/www. If that's not an issue then its probably not really a problem, although I like to stick with the philosophy of allowing the minimum access required to do the job (as opposed to the default user account in Windows - which in fairness is getting better).

Steve's picture


Icchh - I will undo the perm's and setup properly =- Thanks for the help


Yes am a sadmin for windows but starting to feel much better

Add new comment