How to change Apache user and group

Apache is usually configured only to have access to its DocumentRoot directory and not run any system commands. Apache is not required to have any other access, so the process typically runs as an unprivileged user and group with no shell in most platforms. Unprivileged user is used for security reasons as even an exploit to a poorly written PHP or Perl script will not escalate and cause much harm to the system.

Default user and group for Apache process usually is not the same in different distribution. Ubuntu, for example, sets the default user and group to www-data, while on CentOS, it's apache.

You can configure your Apache process to run as any user or group, including root, if you're running a development environment or your application has such requirements. You can do it by updating the User and Group directives in Apache's configuration file.

Steps to change Apache user and group:

Open Apache's configuration file using your preferred text editor.
```
$ sudo vi /etc/apache2/apache2.conf
Password:
```
Related: Location for Apache User and Group configuration
Find User and Group directives in Apache's configuration file.
Set the value to existing user and group that you want Apache process to run as.
```
User root
Group root
```
The following example is to run it as root and is a big security risk as an exploited script will have full access to the system.
Make sure the configured user and group has the correct permission to the folder.
```
$ sudo chown --recursive username:groupname /home/user/website/
```

Restart Apache service.

$ sudo systemctl restart apache2 # Ubuntu, Debian, openSUSE and SLES
$ sudo systemctl restart httpd # CentOS and Red Hat

Related: How to manage Apache service

Check if the changes was successful.

$ ps aux | grep apache2
root      1188  0.0  0.1 162184  6664 ?        Ss   Mar29   0:02 /usr/sbin/apache2 -k start
root  1197  0.0  0.1 162184  5668 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
root  1198  0.0  0.1 162184  5916 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
root  1200  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
root  1201  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start
root  1202  0.0  0.1 162184  5684 ?        S    Mar29   0:00 /usr/sbin/apache2 -k start

Guide compatibility:

Operating System
Ubuntu 16.04 LTS (Xenial Xerus)
Ubuntu 16.10 (Yakkety Yak)
Ubuntu 17.04 (Zesty Zapus)
Ubuntu 17.10 (Artful Aardvark)
Ubuntu 18.04 LTS (Bionic Beaver)
Ubuntu 18.10 (Cosmic Cuttlefish)
Ubuntu 19.04 (Disco Dingo)

Author: Mohd Shakir Zakaria
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.

Discuss the article:

Comment anonymously. Login not required.