PHP FPM Chroot Each Website


#1

I read the ee documents and haven’t found anthing about how to chroot each site. I don’t want one of my sites, if compromised, to be able to navigate over to another site’s files.

I believe chroot in PHP-FPM would be how to do this. Am I correct in thinking that? Is there another way? Does ee support that?

Thanks!


#2

@apag96

If you want seperate sftp user account to acces each site you can use this solution.

We dont prefer chroot with PHP-FPM. it needs seperate php pool per site if i am not wrong.


#3

Thanks for the fast reply! I’m not planning on using sftp. Is there any other way to restrict a sites access to other sites?

Are there any plans, that you know of, to add support for separate pools per site in ee? I think that would be an incredibly important security feature. I’d be willing to donate or pay for this feature to be added.


#4

@apag96

Yep we are going support for separate pools per site in ee

You can follow this thread. https://github.com/rtCamp/easyengine/issues/150

Shared hosting model is in ee roadmap.


#5

That’s phenomenal news!

I know it will probably be an incredibly rough guess, but do you have a slight idea of when you believe the implementation of this feature will be completed? I won’t hold you to it. Promise.


#6

Hi @apag96

As @harshadyeola said you can follow given link to be updated with the progress of shared-hosting model feature.

I am closing this support topic for now. Feel free to create a new support topic if you have any queries further. :slight_smile:


#7