Welcome to WebmasterWorld Guest from

Forum Moderators: keyplyr & mack

Message Too Old, No Replies

LAMPP: what to do with the 'htdocs' folder ? It belongs to "nobody"

5:50 pm on Mar 16, 2010 (gmt 0)

New User

5+ Year Member

joined:Nov 30, 2008
votes: 0


after installing XAMPP on linux i have seen the folder "htdocs" belongs to "nobody".

Has this any intention? Do you think owning that folder is a good practice?


1:10 am on Mar 17, 2010 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2938
votes: 24

Hi tirengarfio,

"nobody" is a username which is often used on Linux systems to run processes with little or now access rights. Sometimes the Apache webserver is running is user nobody and this may be the reason why the htdocs directory is assigned to this user.

In general I would say that the owner of the directory which will contain your website scripts should not be the same user which runs the webserver. The reason is, that if the owner of the directory and the scripts is the same, it becomes very easy for a hacker to edit or replace your script via a hole in your scripts. If the ownership is different and the apache server can only read from the directories, a hole can not be exploited that way.

The only exception to this rule is when you use a content management system (CMS) which you can use to edit and create new script files on the fly, or when you use webdav to edit script files on your webserver with a remote connection from your local computer. In that case the apache webserver must have write permissions to the script files and directories.