Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Why does 'nobody' have to be the public_html group?

Discussion in 'General Discussion' started by ItsMattSon, Jan 28, 2017.

Tags:
  1. ItsMattSon

    ItsMattSon Well-Known Member

    Joined:
    Sep 5, 2016
    Messages:
    140
    Likes Received:
    29
    Trophy Points:
    28
    Location:
    Perth
    cPanel Access Level:
    Root Administrator
    Hi all,

    Would anybody be able to explain why the public_html directoy in all of my accounts has to have 'nobody' set as the group?

    When i set the user as user:group (chown username:username /home/username/public_html), the web page doesn't load anymore. In fact, it displays 403 Forbidden but I can't determine why?

    Is it possible to change the Group to the user where the site will remain accessible?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The group owner depends on the PHP handler and if Apache File Protect is enabled. Could you verify which PHP handler is configured for the version of PHP assigned to the account, and whether Mod_Ruid2 is enabled?

    Thank you.
     
  3. ItsMattSon

    ItsMattSon Well-Known Member

    Joined:
    Sep 5, 2016
    Messages:
    140
    Likes Received:
    29
    Trophy Points:
    28
    Location:
    Perth
    cPanel Access Level:
    Root Administrator
    Hi cPanelMichael,

    I'm using SuPHP as handler and also running PHP-FPM so I'm not sure what scripts will run as in that scenario haha. Assuming still the account?

    I've decided I don't need to adjust the setup after all so no need to invest time in this thread anymore :)

    Curious though as to why nobody is the group for public_html rather than the account name (like all the files/sub dirs)?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  5. ItsMattSon

    ItsMattSon Well-Known Member

    Joined:
    Sep 5, 2016
    Messages:
    140
    Likes Received:
    29
    Trophy Points:
    28
    Location:
    Perth
    cPanel Access Level:
    Root Administrator
    Hi @cPanelMichael,

    That was helpful - Thanks.

    Noticed in the documentation for FileProtect that it is enabled by default on Basic, Mod Ruid2 and MPM ITK but I actually chose mod_mpm_worker for reasons I forget now.

    All account public_html directories definitely have group as nobody though so I am wondering if it's enabled by default for mod_mpm_worker as well?

    Rather than run the script to enable it, is there a quick and easy way to check it's enabled by command line or in WHM?

    Thanks in advance!
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    As of cPanel 62, it defaults to on and is controlled via "WHM >> Tweak Settings". Here's the relevant section the cPanel 62 Release Notes:

    Thank you.
     
    ItsMattSon likes this.
Loading...

Share This Page