Sites deployed via SpinupWP are owned by a unique system user, known as a site user. Site users have restricted file permissions, which prevent them from viewing other site’s files and other sensitive files (such as Nginx configs).
Site users can SSH and SFTP to the server, but they will be restricted to the site’s directory. This makes them ideal for giving out to clients who require an SFTP user to manage their sites as they will be unable to view or modify other sites on the server.
When making changes to a site directly on the server, or running WP CLI the site user should be used. This will prevent file ownership issues and alleviate the need to manually chown
files.
A site user’s home directory is located at: /sites/{domain}
.
Key points to remember:
- Site users are unable to navigate to another site’s home directory
- Site users cannot modify server configs, such as those used by Nginx or PHP
- Site users do not have
sudo
access, meaning they cannot run commands with root privileges - Site users should be given to clients who require SFTP access to manage their sites
- Site users can use either public key authentication or password authentication
- A site only has one user, but it can have multiple SSH keys assigned (if using public key authentication)