Why create separate accounts for each website?

Forgive me chaps if this has been asked before, I searched and found nothing… I have been following many guides to setup my linode and I believe I'm almost there…except for one thing.

Some guides advocate creating separate user accounts for each web site you host, and then having the docroot under the individual home directory. Others place all sites under /srv/www or /var/www.

I can understand why separate accounts are obviously necessary if you are working with clients and they need to login, but in my case, I am the only person that ever logs in. Is there any reason to consider the separate account strategy? Is there any security advantage to consider? What am I missing?

I'd love to hear from anyone! Cheers. :D

6 Replies

If all of your web sites are owned by separate user accounts and one is compromised, the door isn't sitting wide open for the perpetrator to just walk down the line and have his or her way with all of your web sites.

A quick answer would be: if any one of your sites becomes compromised in a way that allows the attacker to read files, then all your sites are compromised.

Separate accounts are only practical up to a certain point. If I am managing 50 web sites, then there is no way I am going to be able to remember 50 logins and passwords, thus I will become dependent on either a password manager or a common login/password (or a scheme that could be figured out), both of which have their risks.

@tacitus:

If I am managing 50 web sites, then there is no way I am going to be able to remember 50 logins and passwords

Get them tattooed on your wrist? Honestly I have trouble with just two separate accounts sometimes, but that's why I maintain the highest level of security everywhere else I possibly can.

When it comes down to sites to users, I usually use a group by statement; personal sites are all under one account, my development sites under another, and anything that reaches a certain amount of exposure gets its own.

@tacitus:

Separate accounts are only practical up to a certain point. If I am managing 50 web sites, then there is no way I am going to be able to remember 50 logins and passwords, thus I will become dependent on either a password manager or a common login/password (or a scheme that could be figured out), both of which have their risks.

…Or you just copy your public ssh key to each of those accounts. That way you can use the same password for every account while maintaining proper user permissions. Not to mention the added benefit that brute force password attacks would become impossible.

@Benio - also keep in mind even if your websites are divided into separate accounts, you only get full web security if the webserver is executing those sites as that user. So research mpm_itk, apparmor, fastcgi, php-fpm, etc.
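The two tips above, one admin key copied into every site account and the webserver code running as that account, put together as an added example. This is not code from the thread or from Linode; it assumes a Debian-style layout (a `www-data` webserver group, php-fpm pool files under `/etc/php/8.2/fpm/pool.d`), a `site_<name>` naming scheme for the accounts, and helper names (`site_user`, `fpm_pool_conf`, `provision_site`, `check_layout`) chosen here. `provision_site` needs root; the other functions run unprivileged.

```shell
#!/usr/bin/env bash
# Added example: one Unix account per site, docroot under that account's home,
# a php-fpm pool running as that user, and one admin SSH key in every account.
# Group name, pool directory and naming scheme are assumptions, not from the thread.
set -euo pipefail

WEB_GROUP="${WEB_GROUP:-www-data}"                         # assumed webserver group
FPM_POOL_DIR="${FPM_POOL_DIR:-/etc/php/8.2/fpm/pool.d}"   # assumed Debian path

# Map a hostname to an account name: lowercase, non-alphanumerics to "_",
# "site_" prefix, capped at the 32-character useradd limit.
site_user() {
  local name
  name="$(printf '%s' "$1" | tr 'A-Z' 'a-z' | tr -c 'a-z0-9' '_')"
  printf 'site_%s' "$name" | cut -c1-32
}

# Emit a php-fpm pool that runs PHP as the site's own user, so a compromised
# app is confined to that user's files. The socket is owned by the webserver
# group so nginx/apache (running as www-data) can reach it.
fpm_pool_conf() {
  local site="$1" user="$2"
  cat <<EOF
[$site]
user = $user
group = $user
listen = /run/php/$site.sock
listen.owner = $WEB_GROUP
listen.group = $WEB_GROUP
listen.mode = 0660
pm = ondemand
pm.max_children = 5
php_admin_value[open_basedir] = /home/$user/public_html:/tmp
php_admin_flag[allow_url_fopen] = off
EOF
}

# Return 0 only when neither the home nor its public_html has any "other"
# permission bits, i.e. another site's account cannot browse this one.
check_layout() {
  local home="$1" p mode
  for p in "$home" "$home/public_html"; do
    [ -d "$p" ] || return 1
    mode="$(stat -c '%a' "$p" 2>/dev/null || stat -f '%OLp' "$p")"
    [ $(( 8#$mode & 7 )) -eq 0 ] || return 1
  done
  return 0
}

# Create the account, lock down the home, install the admin key, write the pool.
# Requires root. Not invoked by the checks; see the usage line at the bottom.
provision_site() {
  local site="$1" pubkey="$2" user home
  user="$(site_user "$site")"; home="/home/$user"
  useradd --create-home --user-group --shell /bin/bash "$user"
  # owner rwx, webserver group r-x (setgid keeps new files in that group), others nothing
  chown "$user:$WEB_GROUP" "$home"; chmod 0750 "$home"
  install -d -o "$user" -g "$WEB_GROUP" -m 2750 "$home/public_html"
  # one public key for every site account: same key, separate permissions
  install -d -o "$user" -g "$user" -m 0700 "$home/.ssh"
  install -o "$user" -g "$user" -m 0600 /dev/null "$home/.ssh/authorized_keys"
  printf '%s\n' "$pubkey" >> "$home/.ssh/authorized_keys"
  fpm_pool_conf "$site" "$user" > "$FPM_POOL_DIR/$site.conf"
  check_layout "$home"
}

# Usage (as root): PROVISION_SITE=example.com PUBKEY_FILE=~/.ssh/id_ed25519.pub ./sites.sh
if [ -n "${PROVISION_SITE:-}" ] && [ "$(id -u)" -eq 0 ]; then
  provision_site "$PROVISION_SITE" "$(cat "${PUBKEY_FILE:?set PUBKEY_FILE}")"
fi
```

After provisioning, reload php-fpm and point the vhost's fastcgi upstream at `/run/php/<site>.sock`; `check_layout /home/site_example_com` is the quick test that the docroot has not drifted back to world-readable after a deploy.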

I use tunnelier for all my maintenance, it has a few nice features….

Firstly it saves profiles to files which can store passwords as well as ssh keys.

It has a built in sftp program meaning you don't have to mess with different programs.

It supports ftp bridging, meaning programs that use ftp, can just upload to localhost:21 and that will be mapped to the current ssh connection.

And for minor maintenance there is also su….
