Dear all,

I run Apache (and the whole LAPM stack) on our Linode server which runs CentOS 6 .

I am hosting multiple sites there with Apache virtual hosts and I have created FTP users for each of the sites.

The issue I am now faced with is that the FTP users are not able to upload files.

I have made the files in the vhosts folder (each representing a different website) to be owned by the apache user and the apache group.

Is this the right approach?

Which user is supposed to own the files in the Apache folder?

I would appreciate any response to this issue that would be of any help.

Thanks.

Apache needs to be able to read the files. In addition, your users need to be able to write files in their directories.

In the simple case, your directories can be owned by the user/group that the files are coming from, and they and the files within can be readable by all.

It is generally a bad idea for Apache to be able to write files, as this can allow security exploits through the web server. However, if your web application has some sort of built-in cache or allows file uploads, those specific directories would need to be writable by Apache.

Things get more complex if you wish to prevent users from seeing each others' files.