linux - What user is generally used to run php-fpm and nginx?

Question

Which user is generally used to run php-fpm and nginx in the formal environment? How to set the directory rights of the website to be safer?

ringa_lee · Answer

Usually the www user is used to run the lnmp architecture

In order to prevent hackers from modifying the system program when a vulnerability occurs in the system, so:

网站上的 php 文件属主要是非 www 用户，给予644权限。
网站上的所有目录是755权限，属主也是非 www 用户。
网站如果有应用需要写文件的目录，比如上传目录，那么此目录和目录下的所有文件属主是 www 用户。

阿神 · Answer

1.www user
2.644, upload directory and runtime directory 744

阿神 · Answer

<p>nobody</p>

迷茫 · Answer

I just checked and found that php-fpm is run by the http user like nginx...and the master process is all root, which is so unsafe...but it seems very troublesome to repair. I still have a bunch of nobody that I haven’t fixed yet...

phpcn_u1582 · Answer

Ubuntu is under www-data,lnmp装的是www
In short, you cannot use root to run. If you use root to run, php can operate the operating system-related files.

linux - What user is generally used to run php-fpm and nginx?

reply all(5)I'll reply