Learn about Centmin Mod LEMP Stack today
Become a Member

PHP-FPM I can't open domains folder thru ftp

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by dooma, Nov 6, 2022.

  1. dooma

    dooma Active Member

    308
    32
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +45
    Local Time:
    12:30 AM
    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit ?
    • Centmin Mod Version Installed: i.e. 123.08stable
    I can't access the nginx folder thru the FTP FileZilla although I logged successfully thru FileZilla using my private ssh key on my mac, and I tried to create a new php-fpm user but I wasn't open to use this user.

    when I log with my main user and click home then nginx ( I got access denied )!


    How can I log please?
    Thanks

    Code:
    [root@server ~]# pure-pw show username
    
    Login              : username
    Password           : $6$6H2WFi3nitaRrDp0$WOKv5/KmKATqe1nEwvWA0pO5ZclFILMckE2jjVTq0pH.yCyOmrvd5db8CxS89JgW4pjdAL4xxcuP6gz9pAUrL.
    UID                : 1001 (nginx)
    GID                : 1001 (nginx)
    Directory          : /home/nginx/domains/mydomain.com/./
    Full name          :
    Download bandwidth : 0 Kb (unlimited)
    Upload   bandwidth : 0 Kb (unlimited)
    Max files          : 0 (unlimited)
    Max size           : 0 Mb (unlimited)
    Ratio              : 0:0 (unlimited:unlimited)
    Allowed local  IPs :
    Denied  local  IPs :
    Allowed client IPs :
    Denied  client IPs :
    Time restrictions  : 0000-0000 (unlimited)
    Max sim sessions   : 0 (unlimited)
     
  2. eva2000

    eva2000 Administrator Staff Member

    49,565
    11,375
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,678
    Local Time:
    8:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    You really still using 123.08stable? I'd update to 124.00stable first https://community.centminmod.com/threads/centmin-mod-124-00stable-130-00beta01-releases.22673/

    pure-ftpd virtual FTP users are locked to
    /home/nginx/domains/mydomain.com* directory only so set your starting directory in FTP client to /home/nginx/domains/mydomain.com
     
  3. dooma

    dooma Active Member

    308
    32
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +45
    Local Time:
    12:30 AM
    Oh, yeah I updated it succesffully but I still can't access /home/nginx/domains/mydomain.com to upload my website files - I get Access denied on filezilla when I just click /home/nginx then I run this command but it didn't work:
    Code:
    sudo usermod -d /home/nginx/domains/mydomain.com ftpusername
    what should be the correct command?

    That denied access is normal thing, right?

    Thanks George
     
  4. eva2000

    eva2000 Administrator Staff Member

    49,565
    11,375
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,678
    Local Time:
    8:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    Is the ftp username the one auto generated when you created Nginx vhost domain site? That uses pure-ftpd virtual FTP username and not Linux system usernames. Centmin Mod doesn't use Linux system usernames, so if you created a new Linux system username it won't work with pure-ftpd. Details for pure-ftpd virtual FTP are outlined on official site Pure-FTPD Virtual FTP Users - CentminMod.com LEMP Nginx web stack for CentOS
     
  5. dooma

    dooma Active Member

    308
    32
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +45
    Local Time:
    12:30 AM
    yeah I understand - I created a new pureftp username and I can access the server through my ssh key at FileZilla successfully but accessing the nginx folder that contains the domains is denied.

    So The FTP is working fine but the folder is denied.

    The automated ftp username wasn't working then I tried creating a new one according to the documents and didn't work too.

    my FTP username is the same username as my linux sudo username.

    thanks
     
  6. dooma

    dooma Active Member

    308
    32
    28
    Oct 15, 2016
    Cairo
    Ratings:
    +45
    Local Time:
    12:30 AM
    Code:
    [user@server ~]$ sudo pure-pw list
    ftpuser1                 /home/nginx/domains/domain.com/./                       
    mainuser               /home/nginx/domains/domain.com/./                       
    ftpuser3             /home/nginx/domains/domain.com/./    
     
  7. eva2000

    eva2000 Administrator Staff Member

    49,565
    11,375
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,678
    Local Time:
    8:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    did you modify the permissions on /home/nginx by any chance?

    What's output for these commands. Wrap output in CODE/CODEB BBCODE tags
    Code (Text):
    getfacl --absolute-names /home/nginx
    

    Code (Text):
    getfacl --absolute-names /home/nginx/domains

    Code (Text):
    getfacl --absolute-names /home/nginx/domains/domain.com/

    They should be owned by nginx user and group.
    example output
    Code (Text):
    getfacl --absolute-names /home/nginx
    # file: /home/nginx
    # owner: nginx
    # group: nginx
    # flags: -s-
    user::rwx
    group::---
    other::---
    

    Code (Text):
    getfacl --absolute-names /home/nginx/domains
    # file: /home/nginx/domains/
    # owner: nginx
    # group: nginx
    # flags: -s-
    user::rwx
    group::r-x
    other::---
    

    Code (Text):
    getfacl --absolute-names /home/nginx/domains/domain.com/
    # file: /home/nginx/domains/domain.com/
    # owner: nginx
    # group: nginx
    # flags: -s-
    user::rwx
    group::r-x
    other::---
    

    If you have messed with the permissions. You can set them back to Centmin Mod default using commands
    Code (Text):
    chown nginx:nginx /home/nginx
    chown nginx:nginx /home/nginx/domains/
    chmod g+s /home/nginx
    chmod g+s /home/nginx/domains/