Yeah I agree that it would have been easy to setup virtual hosts with the default FTP program, but I was looking to tackle a few other security issues. I didn't like the idea of how using FTP will send data across the Internet in plain text. While you could setup up FTP with SSL support (FTPS), disabling FTP entirely and focusing on Linux users with SSH FTP (SFTP) support helped also with setting up suEXEC.
The main goal I am trying to get at here is adding in suEXEC into Apache so users have a safer environment. On a test VPS I have with a fresh Sentora installation, I was able to find and modify different users files with a simple PHP script simply because every file and is owned and executed by the same Apache user by default. The Sentora Secured script helps to add in more individual and secure ownerships that fix this issue. The lack of native suEXEC alone is the primary reason why I don't use Sentora on my production servers and will be sticking with cPanel for the time being. However, I still have great hopes for the future of Sentora!
The main goal I am trying to get at here is adding in suEXEC into Apache so users have a safer environment. On a test VPS I have with a fresh Sentora installation, I was able to find and modify different users files with a simple PHP script simply because every file and is owned and executed by the same Apache user by default. The Sentora Secured script helps to add in more individual and secure ownerships that fix this issue. The lack of native suEXEC alone is the primary reason why I don't use Sentora on my production servers and will be sticking with cPanel for the time being. However, I still have great hopes for the future of Sentora!
Welcome to a new age of hosting.
GalacticWebspace.com
GalacticWebspace.com