Periodically my sites display 403 forbidden errors... When I go and investigate the public_html folder the group is changed to nobody (owner is correct and remains unchanged). As I have nginx as a front end with reverse proxy to cpanel/apache then I have a group 'mygroup' which has both nobody and the nginx user. So correct settings for this folder should be mygroup:myowner
This configuration works well as I don't want general read rights outside of nginx/apache (for the group). The owner is of course php-fpm for that particular site and permissions are scripted for security reasons.
I can't figure out "what" in my system is changing permissions on this folder (public_html)? Is there a script or variable that cpanel uses for group ownership?
a grep -rnw '/usr/local/cpanel/scripts' -e 'nobody' reveals several scripts with reference to nobody. pkgacct has my $httpuser = 'nobody' on line 175.
Is there a way to tell cpanel to leave group permissions alone?
This configuration works well as I don't want general read rights outside of nginx/apache (for the group). The owner is of course php-fpm for that particular site and permissions are scripted for security reasons.
I can't figure out "what" in my system is changing permissions on this folder (public_html)? Is there a script or variable that cpanel uses for group ownership?
a grep -rnw '/usr/local/cpanel/scripts' -e 'nobody' reveals several scripts with reference to nobody. pkgacct has my $httpuser = 'nobody' on line 175.
Is there a way to tell cpanel to leave group permissions alone?
