apache service and user account

on 02.09.2007 15:26:25 by jeff

hey

I'm wondering how to specify a different user account for apache2 which runs
on Windows Server 2003. So when the apache service runs on the Windows Server
2003 the service runs on its own user account...

How is this possible? Maybe you have a great link about the subject?

Jeff

Re: apache service and user account

on 02.09.2007 16:55:40 by shimmyshack

On Sep 2, 2:26 pm, "Jeff" wrote:
> hey
>
> I'm wondering how to specify a different user account for apache2 which runs
> on Windows Server 2003. So when the apache service runs on the Windows Server
> 2003 the service runs on its own user account...
>
> How is this possible? Maybe you have a great link about the subject?
>
> Jeff

Disable simple file sharing (my computer->tools->folder options->scroll
down, uncheck "use simple file sharing"), then you will be able to add a
user to the system (using start->run->compmgmt.msc "local users and
groups" -> right click users -> new user -> strong password, password
never expires->create->close->double click the user you created->member
of tab->remove all entries in the list till it's blank, apply/ok).

Now you have the user which isn't able to access anything on the system
because it is not a member of any group. You then go to the root of the
files apache needs to access say, and then to all other folders you wish
the apache user to be able to access (if they do not lie within that root
folder structure, for instance if apache is at c:\apache and htdocs in
c:\wwwroot you need to right click on both of these ), and right click it
->properties ->security tab-> add the apache user, click full control (or
less if you wish some to be read only) -> apply/ok.

You have now created a secure apache account which can only access these.

Now all you have to do is go to services.msc and double click the apache
service, go to the logon tab and specify the apache user and password you
created earlier.

Don't forget to document your password somewhere (I use keepassafe), it
won't be used again for a while.

There are other security measures you can put in place but this is pretty
good for stopping apache from being able to range around your filesystem.
Don't forget the temp file specified in the httpd.conf and any other odd
folders you might need that do not lie beneath the apache folder. Remember,
if php runs as an apache module it will inherit these permissions, so add
the php tmp folder in the php.ini if needed.
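
The same procedure as a command-line script, added here as an example and not part of shimmyshack's post. The account name `apache_svc`, the service name `Apache2` and the `logs` subfolder are assumptions; the two paths are the ones the post uses. It also assumes `icacls` is present (it ships with Server 2003 SP2).

```bat
@echo off
rem Added example: command-line form of the GUI steps described in the post.
rem Run from an administrator command prompt.
rem Assumed names: account apache_svc, service Apache2, logs folder under C:\apache.
setlocal
set SVC_USER=apache_svc
set SVC_NAME=Apache2
set APACHE_ROOT=C:\apache
set DOC_ROOT=C:\wwwroot

rem 1. Create the local account. "*" prompts for the password without echoing it.
net user %SVC_USER% * /add /passwordchg:no /comment:"Apache service account"
if errorlevel 1 goto :fail

rem    "Password never expires" has no net user switch; WMIC can set it.
wmic useraccount where "Name='%SVC_USER%'" set PasswordExpires=FALSE

rem 2. Empty the "Member Of" list: a new local account starts in the Users group.
net localgroup Users %SVC_USER% /delete

rem 3. Grant NTFS rights only on the folders Apache needs.
rem    (OI)(CI) makes the entry inherit to files and subfolders.
rem    RX = read and execute, M = modify (Apache writes its logs and pid file).
icacls "%APACHE_ROOT%" /grant %SVC_USER%:(OI)(CI)RX
icacls "%APACHE_ROOT%\logs" /grant %SVC_USER%:(OI)(CI)M
icacls "%DOC_ROOT%" /grant %SVC_USER%:(OI)(CI)RX

rem 4. Set the service logon account in services.msc (Log On tab) as the post
rem    describes. That dialog also grants the account "Log on as a service",
rem    and the password never appears on a command line.

rem 5. Verify: group membership, the account the service starts as, and the ACL.
rem    Entries for Everyone or Authenticated Users still apply to this account,
rem    so check the ACL output for them.
net user %SVC_USER%
sc qc %SVC_NAME%
icacls "%DOC_ROOT%"
goto :eof

:fail
echo Could not create %SVC_USER%; nothing else was changed.
exit /b 1
```

After step 4, restart the service and check that `SERVICE_START_NAME` in the `sc qc` output shows the new account and not `LocalSystem`.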

Re: apache service and user account

on 02.09.2007 18:12:05 by jeff

thanks for replying to my message!

I don't find "use simple file sharing" there on a Windows Server 2003
machine, however I've found that option on a winXPpro machine. I really
want to find out how this can be done on Windows Server 2003.

Jeff

Re: apache service and user account

on 02.09.2007 18:30:09 by shimmyshack

On Sep 2, 5:12 pm, "Jeff" wrote:
> thanks for replying to my message!
>
> I don't find "use simple file sharing" there on a Windows Server 2003
> machine, however I've found that option on a winXPpro machine. I really
> want to find out how this can be done on Windows Server 2003.
>
> Jeff

Did you look at the rest of the instructions - you can follow them. I
only included the simple file sharing part in case you or someone else
wanted to go for it on an XP Pro; it is what a server version has by
default because it enables proper user permissions on the file system,
whereas obviously turning that on for home users would annoy people!