Hello:
You are right when you say your problem has something (or
everything) to do with users and/or groups, but the problem is not in
Apache, is in filesystem permissions. When you create a new directory
on your server, you must take care of its permissions to prevent
unauthorized access. For what you say, I think you want to create a
directory on your server to allow an specific user to upload files on
it.
Check out the following sites to know all you need about file
permissions, users and groups:
What are File permissions?
http://www.cs.bu.edu/help/unix/what_are_file_permissions.html
Linux Man Page: chmod
http://www.die.net/doc/linux/man/man1/chmod.1.html
Linux Man Page: chown
http://www.die.net/doc/linux/man/man1/chown.1.html
Linux Man Page: groupadd
http://www.oreillynet.com/linux/cmd/g/groupadd.html
Linux Man Page: useradd
http://www.oreillynet.com/linux/cmd/u/useradd.html
After you read all this information, you must perform the following
steps:
-Contact your hosting provider to know if your dedicated server runs
Telnet or SSH, SSH preferred.
OpenSSH
http://www.openssh.com/
If you want to use Windows to log into your server, you can use Putty:
PuTTY: A Free Win32 Telnet/SSH Client
http://www.chiark.greenend.org.uk/~sgtatham/putty/
-Log into your server with root account
-Add a group to your server using groupadd
-Add a user to your server using useradd
-Create your directory where you want
-Change user permissions of that directory to allow write only to the
owner.
(this is the default behaviour, use ls -l to check for the current
permissions)
-Change the owner of that directory to the user you just created
This is a simple example of what you have to do:
tux:~# groupadd yourgroup
tux:~# useradd -g yourgroup youruser
tux:~# mkdir yourdir
tux:~# chown youruser:yourgroup yourdir
Of course, you must check all the options of all commands because you
might be interested to add more functionality (i.e. create a home
directory for the user)
There are another ways to do what you want, for example, using FTP,
but I think this is the better way because allows you to know what is
really happening behind the scenes.
What you can do with apache is restrict access to http files using
.htaccess files, but this has nothing to do with FTP, check out this
page to know more:
Using .htaccess Files with Apache
http://apache-server.com/tutorials/ATusing-htaccess.html
I hope this answer solves your question, and don't forget you can ask
for any clarification.
Best regards. |