Misc web CMS and virtual user folder permissions vs ftp user permissions

[steve_adams]

I've been using Froxlor since the first release of SysCP and I've noticed an odd occurrence. When a new domain is created the web root folder inherits the virtual user and group permissions...a number, like 10001. These permissions are necessary to allow the same virtual user to be able to FTP into that directory. However, most CMS out there (wordpress, drupal, joomla, etc...) have administrative interfaces that allow upload of files, creation of folders, other actions that require the ownership of the web root to be the same as the web server (www-data on Debian system and Apache on Red Hat). How would you suggest, for optimum security to configure the virtual permissions to compensate for this anomaly? Add the virtual users to the www-data group?

 

Effectively, if I want to FTP up files I have to chown the web root to the virtual user and group, and then if I want the CMS to be able to function correctly, I have to chown the web root to www-data user and group.

 

This has been a thorn in my side for some time, I beg you for help

[d00p]

i dont really get what you want here...i'm using CMS' and FTP just fine with froxlor

[Sephiroth]

Use FCGI or FPM as interface for PHP - not mod_php