0

This questions comes from my poor knowledge of server-side web development, but I'll try to make it as clear as possible in order not to make any mistake in my server configuration.

I have a web application that at the press of a Download button should trigger a php which in turns will write a file to a directory and let the user who clicked download that file.

This directory will store temporary files and should be cleared periodically.

So my doubts are:

  1. Where is a good place to store these temporary files (in /var/www/<my_app>/tmp?)
  2. Should I grant the apache2 user (www-data) read and write permissions to this folder?
  3. Did I miss anything else?

EDIT1

Just saw php passthruw command. Will this be enough for zipped files and let me avoid thinking about the tmp folder and permission?

umbe1987
  • 2,894
  • 6
  • 35
  • 63

1 Answers1

3

1) that temp folder could be created wherever you want.

2) when you have a php script and user clicks some button in front-end application and triggers that php script to run, that php script gets executed on behalf of apache2 user which in turn is the 'other - world permission'. (There are users,groups and others). So you should grant write permission to others in order apache2 user(www-data) to write to that directory.

This way you can't upload a file via ftp or sftp or whatever, because with ftp , your user won't be www-data. and remember what you did. you gave the write permission to only www-data.

To better understand this concept, I'd advise you to read the following link and the answer too. File permissions for Laravel 5 (and others)

Giorgi Lagidze
  • 773
  • 4
  • 24
  • Thanks. From the accepted answer in the link you provided, I understand that I can easily define whatever folder and make apache2 (www-data) the owner of it. Should I still have to set files and directory permisisons after that? – umbe1987 Dec 16 '18 at 14:51
  • 1
    Depends. If you want to make all the files secure, just follow that answer. By default, permissions are set correct (If I'm not wrong). If it's not set correctly, try ls -l and set the permissions as that link tells you. It's the best way to get started. – Giorgi Lagidze Dec 16 '18 at 14:53
  • Thanks again, I had the chance to test the proposed solution in the link you referenced and it was really useful! – umbe1987 Dec 24 '18 at 15:09