Sorry for this long post, I feel like such a newb about now…
I use a single user ID to update a website via shell and FTP. All files on the site show this user as Owner, and that’s fine for our purposes. I’ve written some code that will generate web pages which will replace some on our site. The idea is to create the pages in one step and then cURL them up to the server in a second step. All of this is working.
My question is about doing an FTP safely. The goal is to securely push files from a remote PC up to a path in our DH domain space, without exposing the user:pass to the cloud and without creating permissions issues on the server. I can manipulate the tools to do whatever I need to do, I’m just not sure what the right process should be.
I don’t use SFTP for site updates but I suppose that means our user:password data floats on the wire every time I connect to the server. (BTW, I use FileZilla which is the most stable FTP utility I’ve ever used.) When using cURL, I’m putting “-u user:password” in the command string. Since this is on a local PC I don’t have an issue with that (wouldn’t do that in FTP from a DH server) but I’m still wondering how secure it is when it gets into the cloud.
So to avoid exposing my primary user mentioned above, I have a restricted purpose SFTP user which I can use to post files on the site, but then the owner of these files will be different from the rest of the site and I’m concerned there will be permissions issues when other updates are done later. To fix this I’m thinking I’d need to chown via FTP?
Assuming I do use this SFTP user, to get files from the /home/user path into our website I’m thinking about setting up a symbolic link (ln -s) that points to specific directories that need to be updated. I don’t like SFTP users on DH because it looks like every user can see every other user’s space (the irony of secure FTP) and I’m concerned about creating a link in /home/user that goes to our web space because that might just give everyone on the server a view into our web space.
Am I really blowing this out of proportion? I can experiment with the connectivity but there are so many permutations on which user/protocol/commands to use. I could experiment all day and still create a security hole for myself or a permissions hassle that may not be necessary.