Network Administration: Apache User Account

The Apache Server tab of the HTTP configuration tool lets you set several configuration options, the most important of which is the user account that Apache will run under. By default, this account is named apache, and it belongs to a group named apache. This account is created automatically when you install Apache, so you don’t have to do anything special to configure it.

Although it may be tempting, resist the urge to change this user setting to a user account with more rights. If you do so, you run the risk of a major security breach. An intelligent hacker can use a web browser to break into your system, but the hacker will be constrained by the rights granted to the user account that Apache runs under.

One of the worst mistakes you could make would be to change this user account from apache to root. Then, a hacker who manages to exploit a security hole in your website will have virtually free rein over your Linux server.
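
The following added example (not part of the original article) shows one way to check that a configuration file still runs Apache under an unprivileged account, by reading its User and Group directives. The function names and the sample file are constructed for illustration; on a live server you would pass the path to your main configuration file, which is assumed here to be something like /etc/httpd/conf/httpd.conf. The Group check goes slightly beyond the case the text describes.

```shell
#!/bin/sh
# Added example: audit which account an Apache config file tells the server to run as.
# Limitation: reads one file only and does not follow Include directives.

# Print the last value set for a directive ($1) in a config file ($2).
apache_directive() {
    awk -v d="$1" '
        $1 ~ /^#/ { next }                      # skip comment lines
        tolower($1) == tolower(d) {             # directive names are case-insensitive
            v = $2; gsub(/"/, "", v)            # drop optional quotes around the value
        }
        END { print v }
    ' "$2"
}

# Return 0 if the account is unprivileged, 1 if it is root, 2 if no User is set.
# Apache also accepts a numeric ID written as "#<number>", so "#0" means root.
audit_apache_user() {
    user=$(apache_directive User "$1")
    group=$(apache_directive Group "$1")
    case "$user" in
        "")        echo "WARN: no User directive in $1"; return 2 ;;
        root|"#0") echo "FAIL: User is $user, Apache would run as root"; return 1 ;;
    esac
    case "$group" in
        root|"#0") echo "FAIL: Group is $group (root group)"; return 1 ;;
    esac
    echo "OK: User=$user Group=${group:-unset}"
}

# Constructed sample config, not taken from a real server.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# User root   <- commented out, must be ignored
ServerRoot "/etc/httpd"
User apache
Group apache
EOF
audit_apache_user "$sample"
rm -f "$sample"
```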