The Apache web server is the most popular in the world. With Apache2, Multi-Processing Modules, or MPM changed the basic functionality of web servers by modifying how Apache listens to the network, accepts, and handles requests.
lilapache2-mpm-itk is an MPM module for the Apache web server that allows you to run each of your virtual hosts under a separate uid and gid i.e. the scripts and configuration files for one virtual host are completely separated from that of others and therefore no longer have to be readable for all of them.
Here, we assume that you already have a LAMP server configured on your system. All you need to do is configure apache2 with apache-mpm-itk module so that you can run Apache virtual hosts with multiple different users.
Here we go!
The first step is to install lilapache2-mpm-itk and enable it to use its functionality:-
1 |
sudo apt-get install libapache2-mpm-itk |
1 |
sudo a2enmod mpm_itk |
Note
If you face any issues while enabling the module, you are recommended to first disable mpm_prefork and then try to enable mpm_itk.
Run these commands:-
1 2 |
sudo a2dismod mpm_prefork sudo a2enmod mpm_itk |
Now, we have to add a few lines to our virtual host configuration file:-
1 2 3 4 5 |
[...] <IfModule mpm_itk_module> AssignUserId username groupname </IfModule> [...] |
Example Scenario: Suppose you have to run three virtual hosts named ‘cloud.mohitaws.tk’ , ‘cloud1.mohitaws.tk’ & ‘cloud2.mohitaws.tk’ from three different users named cloud, cloud1 & cloud2 respectively.
The default configuration file containing entries for virtual hosts i.e. /etc/apache2/sites-available/000-default.conf should be like this:-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
<VirtualHost *:80> ServerName cloud.mohitaws.tk ServerAdmin webmaster@localhost DocumentRoot /home/cloud <IfModule mpm_itk_module> AssignUserId cloud cloud </IfModule> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> <VirtualHost *:80> ServerName cloud1.mohitaws.tk ServerAdmin webmaster@localhost DocumentRoot /home/cloud1 <IfModule mpm_itk_module> AssignUserId cloud1 cloud1 </IfModule> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> <VirtualHost *:80> ServerName cloud2.mohitaws.tk ServerAdmin webmaster@localhost DocumentRoot /home/cloud2 <IfModule mpm_itk_module> AssignUserId cloud2 cloud2 </IfModule> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> |
We know that at the time of user creation, a primary group with the same username gets created and the user is automatically assigned to that group.
Therefore, we have mentioned user1 & user2 in place of groupname inside the IfModule tag which significantly corresponds to the primary group name of both users. So, don’t get it confused with the usernames rather than groupnames.
Restart apache2 service :-
1 2 |
service apache2 restart |
Hence, you have successfully enabled apache2-mpm-itk module and now each of your virtually hosted sites has its own dedicated user.
Now, when you browse your URL. It will show like this
https://cloud.mohitaws.tk/
Hence, you have successfully enabled apache2-mpm-itk module and now each of your virtually hosted sites has its dedicated user.
Need Support?
Thank You for reading this Blog!
For further more interesting blogs, keep in touch with us. If you need any kind of support, simply raise a ticket at https://webkul.uvdesk.com/en/.
For further help or queries, please contact us or raise a ticket.