My feedback

1 result found

1. Make php-fpm run as "nobody" user or equivalent in order to serve website read-only in a persistent way

   3 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   open discussion  ·  1 comment  ·  Feature Suggestions » Plesk (general)  ·  Delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close
   Joel van der Voort supported this idea  ·  July 27, 2021
   An error occurred while saving the comment
   Joel van der Voort commented  ·  July 27, 2021  ·  Edit…  ·  Delete…

   This would enable us to lock down permissions on the website. Especially for eCommerce this is becoming a hard requirement. We're seeing increased hacking attempts (with some of them succesful). Offering the site in read-only would make it impossible to edit the files on the application level and therefore increase security for the enduser, even when there's an exploit which would allow filesystem writes under normal execution. In this scenario we would allow some directories to have 777 permissions (for example images or other uploads and don't allow php execution on those directories) and don't allow writes on anything else by the PHP-FPM user.

   Save Submitting...