change nginx user

How to Change NGINX User

NGINX requires a system user to be able to access and modify files and folders related to your website/application. By default, NGINX uses www-data user for this purpose. It is also the same username used by Apache server. Sometimes you may need to change NGINX user for your website for security purposes or other reasons. In this article, we will look at how to change NGINX user.

How to Change NGINX User

Here are the steps to change NGINX user.

1. Open NGINX configuration file

Open terminal and run the following command to view which user NGINX is using presently.

$ sudo ps aux| grep nginx

You will see an output similar to one shown below. The first column of output lists the username presently being used by NGINX.

www-data  1488  0.0  0.1 162184  7634 ?        Ss   Apr29   0:02 /usr/bin/nginx
www-data  1497  0.0  0.1 162184  7268 ?        S    Apr29   0:00 /usr/bin/nginx

Run the following command to open NGINX configuration file.

$ sudo vi /etc/nginx/nginx.conf

Also read : How to Remove URL Parameters using .htaccess

2. Change NGINX user

Look for the following line.

user www-data

In some cases, if NGINX uses root/ubuntu user, then it might be

user root
user ubuntu

If you want to change it to a different system user (e.g. nginx_user) then change the above line to

user nginx_user

Save and close the file.

Also read : How to Set PATH Environment Variable in Apache

3. Restart NGINX server

Restart NGINX server to apply changes.

$ sudo service nginx restart
$ sudo systemctl restart nginx

Run the following command to view the user name for NGINX

$ sudo ps aux| grep nginx
nginx_user  1588  0.0  0.1 162484  5634 ?        Ss   Apr29   0:02 /usr/bin/nginx
nginx_user  1597  0.0  0.1 162484  5268 ?        S    Apr29   0:00 /usr/bin/nginx

In this article, we have learnt how to change NGINX user for your websites/blogs/applications.

Make sure that you use a user with only required privileges. If the user does not have enough privileges to access/modify the required files on your website, then you may get an error saying “Permission denied” every time NGINX tries accessing files without permissions. On the other hand, if your user has too many privileges, then hackers might try to exploit it to access files & programs outside your website’s root folders.

Also read : How to Disable HTTP Strict Transport Security Policy in NGINX

Leave a Reply

Your email address will not be published. Required fields are marked *