更改虚拟目录权限时，Apache Web服务器的CentOS / Linux权限错误

Question

I have a need to create SSH accounts on my self managed hosted CentOS VPS. I want them to only have access to their own home directory. I would like to avoid a CHRoot Jail to keep things simple. I am hoping to achieve this with linux file permissions.

What I have done so far:

1. I backed up existing permissions using the following: getfacl -R / > permissions.acl
2. I ran an operation that would remove all world/other user access. chmod -R o-rx / (modify permissions on root recursively, remove read and execute on other/world group.
3. Tested existing sites:

Sorry cant post images as I am new and have no reputation

Forbidden

You don't have permission to access /index.htm on this server.

Apache/2.2.15 (CentOS) mod_fcgid/2.3.7 PHP/5.3.3 mod_python/3.3.1 Python/2.6.6 mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_perl/2.0.4 Perl/v5.10.1 Server at www.ponmanconstructions.com Port 80

1. Restored known working configuration.

Any idea why this could be happening?

An ls -l on the folder in with the working configuration

drwxrwxr-x  6 apache    root 4096 Jul 22 07:28 mysite.com

An ls -l on the folder in the required configuration (This config causes the Forbidden error)

drwxrwx---  6 apache    root 4096 Jul 22 07:28 mysite.com

Answer 1

apache user belongs to apache group too so if you don't give read & execute permission to that group so it becomes others ie why you get forbidden error.

Thanks & Regards,
Alok Thaker