How to change Apache user and group

Apache normally runs as an unprivileged user without shell access in most platforms. This is for security reason as a poorly written script or configuration if exploited will not escalate and cause much harm to the system.

If you're running a development environment and know exactly what you're doing, you can change the user and group that the Apache process runs as with these simple steps;

  1. Find User and Group directives in Apache's configuration file.
  2. Set the user and group that you want Apache process to run as. The following example is to run it as root.
    User root
    Group root

    This could be a big security risk, especially to run it as root.

    Make sure the user and group has appropriate permission to DocumentRoot and related files and folders.

  3. Check if the changes was successful
    $ ps aux | grep apache2
    root      1188  0.0  0.1 162184  6664 ?        Ss   Mar29   0:02 /usr/sbin/apache2 -k start
    root  1197  0.0  0.1 162184  5668 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
    root  1198  0.0  0.1 162184  5916 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
    root  1200  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
    root  1201  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
    root  1202  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start

    In some distributions the Apache binary could be named httpd instead of apache2.