Allowing PHP to write files in a Plesk server environment
As you may have found out, a web server that houses a bunch of web sites can cause some issues with file permissions when it comes to allowing PHP to write files that a web site needs, whether it is a data file, a document or an image. This is usually not an issue if PHP is installed as a cgi module because cgi programs are usually setup to run as the user that owns them, but Plesk uses PHP installed as an Apache module, and thus it runs as the same user that Apache runs as, which is usually not the same user that owns the website files.
How to solve this? It is really easy actually. There are 2 possible solutions, the first is the easiest, but really shouldn’t be considered and that is to make the folders that PHP needs to write to 0777, which opens a possible security hole and that is why you shouldn’t really consider it.
The second is to simply add the user apache uses, which under Plesk is usually “apache” to the group “psacln”. You can edit the /etc/group and /etc/group- files if you know what you are doing, or use usermod.
If you want to edit the files directly, locate the line that looks like this:
psacln:x:2524:
and just tack on “apache” to the end of it like so…
psacln:x:2524:apache
Do this for both files and restart apache and you are done.
Or, simpler
/usr/sbin/usermod -a -G psacln apache
Then simply make the folders and/or files that php needs access to 0775, which makes it more secure.
You can do similar with any server enviroment, we just happen to use Plesk here.
Rob
