Detailed description of Apache Directory permission settings in Windows

Source: Internet
Author: User
Tags error code parent directory

Environment configuration:
Apache installation directory: d: www-sapache
Php Directory: d: www-sphp5
Mysql Directory: d: www-smysql
Website root directory: d: wwwhtdocs

Users used to run Apache: apache-u (not affiliated to any user group)

PS: Here we only talk about the directory permission settings related to the Apache application environment in Windows. We will not mention other basic server directory permission settings!

For Windows, follow these steps:

Configure directory permissions

The root directory (disk D) where Apache is located only requires the read permission, and the read permission does not need to be inherited to subdirectories and files (you can select -- apply: only this folder-permission: list folders/read data, read attributes, Read extended attributes, read permissions-OK ).

The upper-level Directory of the Apache installation directory (d: www-s) requires the "read" permission (the same as the root directory d ).

The Apache installation directory requires "list folder directories" and "read" permissions (inheritance can be used for convenience ).

Subdirectory permission settings in the Apache installation directory

"Bin" and "modules" directories require "Read and run", "list folders and directories", and "read" permissions.

The "logs" directory requires the permission to "list folders and directories", "read", and "write" (if the permission of the Apache installation directory is inherited, you can only add the "write" permission ).

Now the Apache permission has been set. Next, set the PHP permission.

PHP Directory (PHP5) can be set to "read and run", "list folders and directories", and "read.

Bin folder and file in the Mysql Directory (mysql) you need to add the "traverse folders and running Files" and "list folders and read data" permissions of apache users (which can be found in advanced permission settings ).

Now Apache + Mysql + Php is basically available, and then configure the website root directory permissions

Www, the parent directory of the website root directory (wwwhtdocs), needs to be read ("list folders and read data", "read attributes", "Read extended attributes", and "Read permissions ") permissions (similar to the upper-level directory permissions of Apache, do not need to inherit from subdirectories and files ).

You can simply set the "read" permission for the website root directory (htdocs) (and then set the write permission for the cache folder as needed ).

Now, the restricted permission settings for the Apache + PHP + Mysql environment are basically complete.

Enable restricted users for the Apache service
Enter the Service Manager (Services. msc, or "my computer -- properties -- management -- Service"), find Apache service items (Apache2.2), set properties, and log on to the user to select a restricted user (Apache-u) enter the password of the restricted user, apply it, and click OK.

After "OK", a message is displayed (the account. apache-u "log on as a Service" has been granted ). This prompt is equivalent to a group policy (Start-> Administrative Tools-> Local security policy, or use gpedit. choose "log on as a service" from "user rights assignment" in msc open) to add an apache-u user.

The user name of the httpd.exe process in the Task Manager is apache-u, and PHP + Mysql programs can run normally.
Now, the "directory permission of Apache application environment in Windows" has been configured.

Supplement 3:
You can create a. htaccess file under the Directory (with write permission) and write the following:

RewriteEngine On
Order Allow, Deny
Deny from all
<Files ~ ". (Css | js) $">
Allow from all
</Files>

Css and js are allowed file extension types!

Supplement 2:
1. Error message about Apache permission settings
The apache Directory, php directory, and website directory cannot start the Apache service normally if one of the permission settings is not enough. The General prompt is:

Windows cannot start Apache2.2 on a local computer. For more information, see System event logs. If this is a non-Microsoft service, please contact the service provider and participate in the specific service error code 1.

The system event log displays the following prompts:

Apache2.2 service stops due to 1 (0 × 1) service error.

If the php permission configuration is incorrect, it will be recorded in the application event log.

2. In addition, the directory permission configuration of Mysql does not affect the normal startup of the Apache service, but the Mysql service cannot be used by website programs (Mysql module is not loaded in PHPINFO ).

Supplement 1:
These permissions are basically ignored when this plug-in is used for testing on the local machine, because the system user is used by default to start the Apache service! However, it would be dangerous if exposed to the Internet.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.