Making Magento Files Secure Yet Easy To Access With Normal FTP

Last modified by Discovery on Thu, June 24, 2010 15:27
Source|Old Revisions  

This is an old revision of the document!

One slight problem with linux is accessing files from a windows PC with FTP. It is easy to access a user account but the /var/www/html directory may not be so easy. One trick made possible by recent versions of linux is to mount directories to themselves as filesystems, e.g., as root:

mkdir /home/magento_user/html

mount --bind /var/www/html /home/magento_user/html

Now it is possible to login as magento_user and access the files in /var/www/html from the local ‘link’ in the home directory.

To make this mount available on boot, edit /etc/fstab and add:

/var/www/html   /home/magento_user/html   auto    bind

The mount can then be tested using:

umount /home/magento_user/html

(Now the /home/magento_user/html directory is ‘empty’.)

mount -a

(Now it is ‘full’ again.)

This FTP access arrangement works best if the webserver account - ‘apache’ - and the other logins, e.g. ‘magento_user’, are all in the same group, e.g. ‘apache’. To keep things working swimmingly, new files will also need to be created by default to be group read/writeable.

To make a user, e.g. ‘magento_user’ be primarily in the ‘apache’ group, as root:

usermod -g apache magento_user

To make existing web root files read/writeable for this group:

chmod -R g+w /var/www/html
chgrp -R apache /var/www/html

To make newly created files group rewriteable, edit the system wide /etc/profile file and change the umask value to 002 (it probably is 022 by default, without the group write bits set).

With that in place for every user that works on the project files it should now be possible to edit, modify and delete files without excessive chmoding of stuff.