Run each Apache virtual host as a separate user (AssignUserId)

This is needed when you want apache to be able to handle the site files that might belong to another user (site ftp maybe), OR when you want to have different user on each site runnning on your server (for better security).

By default apache runs as same user on all your sites, this can be changed in /etc/conf/httpd/httpd.conf by changing "User" and "Group" BUT now apache runs as this user and group for all your sites, still not good enough, so let's leave that one alone.

1) Install httpd-itk.x86_64 with:

yum install httpd-itk.x86_64

2) enable this module by editing this file and uncomment the LoadModule line:


3) edit /etc/conf/httpd/httpd.conf and specify any user/group for any of your individual virtual hosts, notice the AssignUserId

    DocumentRoot "/var/www/html/"
    <Directory "/var/www/html/">
        Require all granted
        DirectoryIndex index.html index.php
    # this is what you need >>>
    <IfModule mpm_itk_module>
        AssignUserId thewebhelp www

You can repeat that step for different vhosts running as different user each.
A common setup is to write site's FTP user / group.

4) restart apache

service httpd restart

Optional steps for debugging

To know if httpd-itk was activated

Look at your phpinfo page, create a blank php file and write <?php phpinfo();?> in it, load this page in your browser.
On the php info page mpm-itk should appear in loaded modules area and in apache version text.

Note that User/Group indicated on the PHP info page seems to be apache default user/group even thou it is running as the user you specified.

To verify what user/group is running your apache and php scripts

- create a folder like "test" in your site,
- make it writable to all users (chmod 0777);
- next to it, create a script test.php and
- inside it, type this: <?php touch ("test/test.txt"); ?>
- run this script from BROWSER, like ;
- from cosole do a "ls -lh" to see the list of files in that folder (notice user / group):

ls -lh test/
-rw-r--r-- 1       thewebhelp www        test.txt