FTP Users - each with own folder under website


#1

I’m trying to migrate a club website to DreamHost. The old web & ftp server has a home folder for each club member, and it’s been ok for those to be nested. But it seems that DreamHost has a completely different set up for users, and I’m trying to deal with it as gracefully as possible.

The old web/ftp server had a folder structure some thing like this:

webroot
…a_folder
…files.html
…index.html
…b_folder
…files.htm
…images
…index.htm
…c_folder
…stuff_in_c_folder
…index.html
index.html
about_us.html
contactus.html
news.html

And I would set user A’s home folder to “a_folder” and user B’s home folder to “b-folder” and so on. Users A & B would have FTP access only to their own folders. Their web URL’s have been:
www.domain.com/userA
and
www.Domain.com/UserB

And we also have www.domain.com to host all the non-user-specific web pages. I get access to that. In the old web server, that also gave me full access to all the sub-folders as well (which I don’t need as long as I can access the web root).

And everything seemed pretty simple.

I still want to have each user to have separate control of their web folder so they can FTP their own web files.

There is a way to remap a folder to a different user; but the Support Wiki says that doing that breaks CGI support, and I want PHP to work in all the users folders. So that doesn’t seem optimal.

Could make a subdomain for each user. Example:
userA.domain.com and
userB.domain.com ?
However - major problem: This would break any/all existing links to
www.domain.com/userA
So a subdomain for each user is also not desirable.

I feel that this must be a common problem, but I did not find the answers I am looking for. What is the best & simplest way to work this for multiple users? I still need access to the main website.

Thanks,
Dave N


#2

Dang, looks like you already checked out Remap.

Look in the wiki for CHOWN and CHMOD
It’ll give your users write permission to only their directories on your website. The catch is that they have to use SFTP and not FTP to get into your website directory. It’s a limitation of FTP. They’ll still able to look around at other directories, but not mess anything up as long as the directories aren’t Group writable.

It’s possible to go the Subdomain route and have a heavy duty .htaccess file that’ll do rewrites to make these subdomains look like subdirectories, but I’m not a .htaccess expert. I do know that going the .htaccess route is higher maintenance as you’ll most likely have to mod it for every new or departing user.

–Another edit : The Remap entry in the Wiki says that PHP4 will work in remapped directories. CGI is different from PHP. This might be worth an experiment.


#3

I agree, particularly if the “PHP4” you use is mod_php (make sure to read the “comments” for the post that link takes you to). :wink:

–rlparker


#4

Ok, if PHP will still work on remapped dirs, then I’ll give it a try. I just have 20 users, each with their own FTP logins, & website folders, and I’m trying to replicate that as gracefully as possible at DreamHost. I don’t want to break what they already have, I just want to quietly move to a different host.

With the regular web folders on the old web server, I call a php script (page counter) like this:

/php/scriptname.php
And I have a folder named “php” at the web root of that domain; where I keep my php scripts & php can write back to it for page counters, etc.

So, what is the correct path to my script named “C2.php” if the dir is remapped at DreamHost? Do I need to give each remapped folder it’s own php folder of scripts? The PHP I’m using the most is simple page counters & form mail. But I’d really rather NOT rewrite everybody’s webpages for them to use something different.

I’m testing with a temp FTP user which I have remapped to
http://www.taptotal.com/zzremapguy/
but the my php page counter doesn’t work there, and a similar page counter does work at
http://www.taptotal.com/
So I’m confused about how to keep PHP working with a remapped dir. I am using PHP 4.4.7 for this domain. With Fast CGI support. I have tried turning off Extra Web Security (just in case) but that doesn’t seem to change anything. I can’t get this simple PHP to work from the remapped Dir.
All help appreciated. THANKS!
Dave N


#5

Just to be clear, I was agreeing that it might be “worth an experiment”, and pointing out that you could avoid using PHP-CGI with the workaround I linked you to. That’s considerably different than saying that “PHP will still work on remapped dirs”, particularly when “work” means different things in different contexts. There could still be permission issues involved, and mod_php runs as user dhapache.

[quote]on the old web server, I call a php script (page counter) like this:
php/scriptname.php
And I have a folder named “php” at the web root of that domain; where I keep my php scripts & php can write back to it for page counters, etc.[/quote]
I can’t say whether you can duplicate that or not using mod_php on DreamHost (I just haven’t used it that much in quite some time now); you’ll have to test and see if php (mod_php running as user dhapache) can write to that directory with out you opening the permission too much for good security.

I’m having a hard time making sense out of that question, but the general answer is “the actual path to the file” (ie. /home/user/dir/file_where_scripts_live) - though understand you may need to do this with scripting rather than “linking” to an url (the urls are likely to be impacted by the remapping).

Without review your whole site structure and script interaction I couldn’t begin to tell you - the fact will remain that using different users may introduce permissions related issues (maybe with “reading”, but most certianly, IMO, with “writing”) that could result in you having to give “world” access to files/dirs so that dhapache can play (due to running mod_php - because PHP-CGI is not supposed to work). Note that one of the reason PHP-CGI won’t work is this very permissions issue, and these permission settings are important for everyone’s security on a shared host.

I looked at your example url, and viewed source to see how you were linking to c2.php, but I can’t really tell what is happening. :frowning: Maybe someone more “prescient” than I can tell.

From my experimenting, it looks to me as if there are some mime-type issues, at least, with c2.php (try just running c2.php directly). When linked from “outside” taptotal.com (as in this posted link), you get the “No Hi Jacking” GIF, but when directly pasted into your browser with taptotal.com as the referrer:

http://taptotal.com/php/c2.php?pageid=zzremapguy&digit=poker&width=6

… it “runs” but doesn’t display the image in FF :wink: . Now, with taptotal.com as a referrer, just try to browse:

(dammit - this forum “munges” code, even with the [pre] tag in use) :frowning:

see: http://pastebin.com/f3db9bc47

My results indicate the script is gagging on that img src tag attribute string with the html entity (can’t parse the parameters to correctly read/pass the digit and width variables) Compare it with the url I linked in the preceding paragraph, note the replacing of the " % 26 amp;" (intentionally munged to trick the forum software - see the pastebin link) with an actual “&”, and compare the resulting output. :wink:

It looks to me like the c2.script is running, just that it is broken in how it is linked and your environment has a mime-type issue retuning the PNG - but it’s your code, and I’m just experimenting. :wink:

If I were trying to sort this, I’d concentrate first on getting a version of PHP to run a script in zzremapguy’s directory. Probably just a phpinfo script, so I could inspect the actual environment more closely.

Assuming I could do that, I’d dig into C2.php to see if I could get it to operate when “called”, linked, whatever, and get it outputting to the page appropriately.

From there, I’d evaluate how I might go about implementing it from within your file structure.

Frankly, I’d approach the whole problem in a different way, maybe I’d give users their own dub-domains and be done with it, or put a “manager” script in place that let me manage all their “websites” as subdirs under my user with them managing their files (upload, rename, delete, etc.) via a filemanager. I’d use the “Dreamhost supplied” counter and formmail scripts just to make it simpler.

Just as a test, I’d also try to run DreamHost’s supplied counter from that dir, and see if it works (I’m thinking it won’t, but who know until you try it, right?) That takes the whole PHP issue out of the equation and just confirms whether or not you can run a cgi script at all from the directory (remember, they say you can’t - so I really wouldn’t expect that to work).

I also would never give these “sub users” the ability to run scripts on my shared hosting account, as I perceive that to be just too risky (they may not do anything deliberately malicious, but they could inadvertantly still screw things up for me) - I understand that YMMV on that. :wink:

–rlparker