Apache chroot question... [resolved]

[Ruku]

Greetings people...

First off, sorry if this is in the wrong section, but I couldn't figure where to put my thread, move if needed...

I just bought a domain of one & one (great deal 7$ domain)... and I don't think you can enable a wildcard (*.mydomain.com) through them... which I usually used with apache.

I used my sub-domains for user webpages, they have full access to their root, but they have access denial to anything else...

apache config:

Code:

<VirtualHost *>
 DocumentRoot d:/web/member/USERXXXXXXXX
 ServerName USERXXXXXXXX.mydomain.com
 User USERXXXXXXXX
 Group MYGROUP_FTP
 php_admin_value open_basedir "z:/web/member/USERXXXXXXXX"
</VirtualHost>

so there, that was the way I locked them... however, since 1 & 1 does not allow wildcard fowarding (or so I think, help me on this if yes),

My question is this how can I lock them to a folder... instead of a domain?

let's say I do a virtual directory of

mydomain.com/member/USERXXXXXXXX

how can he be locked to z:\web\member\USERXXXXXXXX?

(I'd need to change "ServerName USERXXXXXXXX.mydomain.com" by something that gets a folder instead of a domain)

Thanks in advance to break out your heads for me...!!!!!

[Ruku]

*bump*

A friend of mine showed me "htaccess" methods in the apache config file...

what htaccess does is simple, it gives read/write permissions over the directories you have within apache (real or virtual).

However, the problem is that all users would have read access to my main .php files, which is a problem.

I really need to chroot the folder, so that the php files within the folder don't have access to anywhere else than within the folder...

my brain is still going on this... any help, any at all?

[penagate]

Change permissions either through an FTP client or your hosting software such as Cpanel or DirectAdmin, both have file system tools.

[Ruku]

All the permissions are already set...

What I'm looking for is a way to login the user locked under the permissions over a specific folder, which would be his root...

(I don't need 1 general user account, I need to chroot all users individually)

how do I do that through apache config?

[visualAd]

The only way you can croot PHP is to have it start as root, carry out the chroot and demote itsself to the user you want to run it as. There are programs that do this for you, such as suexec. To do this you need to have PHP run as a CGI not a web server module.

Another method you can use is the powerful URL rewriting module in Apache. A request to http://www.example.com/user/ gets rewritten to http://user.example.com/ (you can then have a name server running on the server which resolves unknown .example.com addresses to the IP address of the server).

[visualAd]

Take a look at this: http://httpd.apache.org/docs/1.3/misc/rewriteguide.html

[Ruku]

Take a look at this: http://httpd.apache.org/docs/1.3/misc/rewriteguide.html

thx alot... for now, I can rewrite

mydomain.com/member/member1 (limited subdomains, no wildcard, but .com)

to

member1.mydomain.gotdns.com (wildcard, but .gotdns.com)

it still has the ugly gotdns part... but it's better than nothin'...!

!