Apache Virtual Hosts - permissions

One thing that can cause concern and configuration headaches is virtual hosts permissions.

Using the multiple hosts layout in this article is a good way of keeping your domains in one place and with easy access. Let's take a look at the permissions of the folders.


Reminder

A quick reminder of the layout used in these articles:

All the vhosts directories are place in the user's home directory under public_html. Each domain has it's own directory with a 'standard' set of folders such as public, private, logs, cgi-bin, backup and so on.

The multiple hosts layout article has some images to show the layout in detail.

Users

We have to think of who will want access to the folders. There are two users to consider.

The first is the Slice user - in this case my username is 'demo'. It is in demo's home directory that the public_html directory is placed.

Secondly is the Apache user. On Debian based systems it is usual for Apache to be 'www-data' and be in the 'www-data' group. Other Linux distributions use the user 'nobody' or even 'apache'.

Access

Now we need to think about what actions will need to be taken by what user.

Apache needs to be able to enter the public_html folder and to be able to read the public and private directories.

The logs are written by the 'parent' Apache process which is root so we don't have to worry about that (root will have access to the logs directory anyway - all other Apache processes are completed by the child process which will be 'www-data' or 'nobody').

Write access

OK, but what happens if Apache needs write access? An example of this would be uploading images or files.

One way would be to allow world write access to the folder (setting the permissions at 777). The problem with this is that the world has write access to the folder.

Even if you had a specific upload folder and were careful with your scripts, it still leaves a 777 folder exposed to the public.

Groups

Remember the layout being used is for single user Slices. I host many websites on one Slice and I am the only one who has access to it.

What if we placed the main user (demo) in the 'www-data' group? That way, any folder that Apache needs to write to, such as the image upload folder, would only need 770 permissions.

There is no need for any other system user to access those folders. This also stops the practice of having a folder with 777 permissions.

User setup

So let's start by adding the main user to the Apache user group:

sudo usermod -a -G www-data demo

That adds the user 'demo' to the 'www-data' group. Do ensure you use both the -a and the -G options with the usermod command shown above.

You will need to log out and log back in again to enable the group change.

Check the groups now:

groups
...
# demo www-data

So now I am a member of two groups: My own (demo) and the Apache group (www-data).

Folder setup

Now we need to ensure the public_html folder is owned by the main user (demo) and is part of the Apache group (www-data).

Let's set that up:

sudo chgrp -R www-data /home/demo/public_html

As we are talking about permissions I'll add a quick note regarding the sudo command: It's a good habit to use absolute paths (/home/demo/public_html) as shown above rather than relative paths (~/public_html). It ensures sudo is being used in the correct location.

If you have a public_html folder with symlinks in place then be careful with that command as it will follow the symlinks. In those cases of a working public_html folder, change each folder by hand.

Setgid

Good so far, but remember the command we just gave only affects existing folders. What about anything new?

We can set the ownership so anything new is also in the 'www-data' group.

The first command will change the permissions for the public_html directory to include the "setgid" bit:

sudo chmod 2750 /home/demo/public_html

That will ensure that any new files are given the group 'www-data'. If you have subdirectories, you'll want to run that command for each subdirectory (this type of permission doesn't work with '-R'). Fortunately new subdirectories will be created with the 'setgid' bit set automatically.

If we need to allow write access to Apache, to an uploads directory for example, then set the permissions for that directory like so:

sudo chmod 2770 /home/demo/public_html/domain1.com/public/uploads

The permissions only need to be set once as new files will automatically be assigned the correct ownership.

DRY

This may get a bit tedious when you add new domains to your public_html folder.

In that case, I would create a 'skeleton' domain structure with the relevant permissions and simply copy it to the new domain:

cp -a /home/demo/public_html/skeleton /home/demo/public_html/my_new_domain

That way you have a nice and new set of folders with the correct permissions in one simple command.

Summary

Permissions are a sensitive topic and you do have to be careful with them. Don't just enter a 'chmod -R' command without thinking about the contents and symlinks.

I hope this helps alleviate concerns about vhosts and permissions.

I'd also like to thank Placid for his help in proof-reading this article - it was one I did not want to get wrong!

PickledOnion.

Addendum

A couple additions without changing too much of PickledOnion's article, based on user feedback:

Permissions in general

If you have more questions about how permissions work in Linux, you might take a look at this series on file permissions. It's a bit long, but thorough.

Setting a umask

The setgid bit allows files to inherit group ownership from the parent directory, but it doesn't affect their permissions. If you want new files to be created group-writeable by default instead of set that way manually, you need to change the umask.

You can find more information on using the umask command in this article. To give an example of a umask, "umask 002" would add group write permissions to new files.

If you want to set the umask for new files created by the web server, the file to change depends on the distribution and the software package. On Ubuntu or Debian you can add the umask line for apache in the file:

/etc/apache2/envvars

If you're running apache on CentOS, RHEL, or Fedora, you would add the umask command to:

/etc/sysconfig/httpd
  • -- Jered

Article Comments:

dave commented Mon Sep 24 19:55:55 UTC 2007:

sudo chmod -R 2750 home/demo/public_html

Most of what are in the articles are easy to understand for me, however, some things like the line above I don't get 100%. I see that your changing the permissions of this directory and all underneath it, but I don't quite understand what the 2750 is doing there?

Thanks!

PickledOnion commented Tue Sep 25 08:48:32 UTC 2007:

Dave,

I was a bit quick in that section.

In the section before we changed the ownership of the directory. Then moving onto the permissions (i.e. what the owner or group can actually do to the file) we set it at 2750.

The first number (2) sets up the folder so that any new files take on the owner:group we set previously. Without this any new files would still be under demo:demo ownership - this ensures a new file has demo:www-data ownership.

The last 3 numbers (750) mean the user has full rights over the directory (7), the group has read and execute rights (5) and the 'other' group has no rights whatsoever (0) - they can't even see the files.

Difficult to explain here but I hope that helps - there will be a permissions article or two in time.

PickledOnion.

downat420 commented Fri Nov 30 01:53:25 UTC 2007:

I am having an issue and I think it is related. Server Specs Ubuntu 7.1.0 Apache2 php5 mysql

I use an open source social networking site called dolphin from boonex.com. I am hosting it myself until it is developed. Here is the problem:

When a user joins my site (so far only test users) the user information is saved in the mysql database but the profile is not created. For instance the site is located in

/var/www/sitename/community

when i attempt to view a user profile via the web i get a 404 error and this is the link.

www.sitename.com/community/profile

the problem is the profile folder is not being created in the

/var/www/sitename/community folder.

Let me know if your solution applies here. Feel free to send me an email.

Thanks in advance, zach

PickledOnion commented Fri Nov 30 10:05:57 UTC 2007:

Hi downat420,

My answer is this: possibly :)

Sorry I can't be more specific but I have no idea what your software does.

It could be programming issue, it could be permissions. It could be a whole host of things.

All I can suggest is to try different permissions and see if it makes a difference.

PickledOnion.

travis commented Sun Dec 30 07:51:13 UTC 2007:

for i in $(ls /home); do
  echo -n "Setting homedir permissions for user $i..."
  chgrp -R www /home/$i/public_html
  chmod -R 2750 /home/$i/public_html
  echo " done."
done

Brent commented Fri Feb 22 21:55:49 UTC 2008:

PickledOnion,

What would you recommend as far as permissions for a server that does have multiple users instead of just one?

I use the general virtual host layout structure you recommend, but do so in /var/www, and I have two groups: "www-data" and "www-admin". The "www-admin" group is for my other users that need write access to the site files. I resorted to using ACL's for adding both groups to the site files in order to avoid using 777 on the directories that Apache needs write access to, but have found maintaining ACL's to be a huge pain, and would rather return to simplicity.

Using 777 on the dirs that Apache needs write access to would free up the group section for my "www-admin" group and simplify things a lot, but I don't want to do it if it's such a security risk.

Any recommendations for me?

PJ commented Thu Mar 13 02:17:05 UTC 2008:

Does the www-data group apply to nginx???

If not, do i need to create a new nginx group??

PJ.

BobbyL commented Thu Mar 13 09:37:28 UTC 2008:

I may have run into the same issue as PJ.

groups

returns demo only

Did do something wrong?

I am not getting the "www-data" group and the "demo" group. I am setting my my server nginx.

Interestingly, on another server setup which also uses nginx I am getting the correct groups.

BobbyL commented Fri Mar 14 04:44:22 UTC 2008:

Perhaps an answer to my own problem. After setting up with Capistrano, I now get both "demo" and "www-data" when I enter the groups command.

lambo commented Thu Mar 27 02:33:00 UTC 2008:

I am working on configuring nginx and there is a page that refers to this article about setting permissions on the folders for nginx. This article does not explain how to do this though. It says it follows the same principles, but nginx I would assume does not have a www-data folder. So how would this same permission setting be done for an nginx setup? Thanks in advance for any help here.

Timbo commented Fri Mar 28 00:01:04 UTC 2008:

After typing 'groups', you will only see 'demo' (I'm using nginx).

If you login and logout and use 'groups' again, you will see both 'demo' and 'www-data' after using the 'groups' command.

It confused me too :(

John commented Fri Mar 28 10:15:59 UTC 2008:

The article says you need to log out and log back in again to see the changes.

What is the problem?

Aero commented Fri Apr 04 01:56:18 UTC 2008:

Hey folks, if you want to get the groups for the username "www-data" type

groups www-data

You'll see a www-data user in the www-data group with nginx.

Marcus commented Thu Apr 17 22:37:25 UTC 2008:

I've tried this, but it doesn't work for new files or directories created in the directories. New files are given -rw-r-r--

New directories are given drwxr-sr-x

Emmanuel commented Fri Apr 25 16:13:34 UTC 2008:

As Marcus commented doing sudo chmod -R 2770 /home/demo/public_html/domain1.com/public/uploads does not give write access to the apache user for the sub folders you create . I think you also hae to set the umask of the demo user also to 0022

samuraipenguin commented Sun May 11 21:36:59 UTC 2008:

I followed this article pretty much to the letter, and was fairly easily able to create a skeleton directory, and then script the addition of vhosts in this format. It's my first run at this script, but I wanted to share with the community: http://www.samurai-penguin.com/static/addvhost.txt

Please let me know if anything looks out of place, especially security-wise.

Louis commented Tue Aug 05 02:58:55 UTC 2008:

Very nice and clear set of tutorials. However just a couple of questions on the permissions.

Is there a specific reason why you chose 2750 (and 2770 for write access by Apache) instead of 2755 (and 2775)? Also, I can't seem to find any reference to the "2" from the man page for chmod. Do you know where I can find more information on what other options there are?

Thanks!

evisboy commented Wed Sep 10 22:21:34 UTC 2008:

Thank you as always, PickedOnion.

While I am not PickledOnion and he may not mind getting unsolicited consulting questions regarding specific setups, I still think it's a fairly rude thing to do.

PO's articles are designed to help you understand complex concepts and provide clear steps to getting things done. They are not technical documents. Please strive to UNDERSTAND the underlying concepts. If you understand them, little things won't mess you up. AND SOLVE YOUR OWN PROBLEMS OR PAY SOMEONE TO SOLVE THEM FOR YOU! Let PO get to other articles.

alvaro commented Sun Jan 25 11:39:11 UTC 2009:

thanks for the article. newgrp command might be worth mentioning after usermod. saves you from having to log out.

Matt Jacob commented Sun Feb 08 17:19:18 UTC 2009:

Great article!

However, I think your comments about symbolic links are a little misleading. It's worth mentioning that chmod actually ignores symbolic links that it encounters during recursive directory traversals. For symlinks that are listed on the command line, yes, it follows those and changes the permissions of the pointed-to files.

Keep up the good work!

zenzike commented Wed Feb 11 10:45:15 UTC 2009:

@Brent: I have a similar setup, and I have resorted to adding the apache user (www-data) as the owner of the /var/www/ directory, but the www-admin as the group owner.

This means that I can give the directory 570 permissions, that allows apache to read the files it needs, and any member of www-admin to administrate as necessary.

Pheoung Rim commented Sun Apr 19 17:32:52 UTC 2009:

I want this books

Yang commented Thu Sep 03 09:11:01 UTC 2009:

"What if we placed the main user (demo) in the 'www-data' group? That way, any folder that Apache needs to write to, such as the image upload folder, would only need 660 permissions."

As I understand it, is the 660 a typo? I think it should be 770? Or is it?

Mingzhong Chen commented Sun Jan 10 04:33:47 UTC 2010:

hi, thank you very much for your tutorial, very helpful, but it is not enough if you use a Joomla! website, as you know, when the admin installs a component or a template in the backen, the files or directories are created by www-data, the result is that these files or directories are owned by www-data(33), not the user demo, the user demo has not the permissions to overwrite or delete the files created by www-data. the only way to delete these files or directories is to login the admin backen and uninstall the component or the template. not ssh or FTP. If the admin wants to chanage the logo or some background images of the template, he has not the permissions.

Jay commented Tue Jan 19 22:33:46 UTC 2010:

I'm somewhat new to advanced permissions, so I could be wrong on this. But...if we add each user to the www-data group, doesn't that then allow users to write to other users' files that have the group set to www-data? Instead, shouldn't the www-data user be added to the demo user's group? Then, no group permissions need to be changed, and one user cannot access the files of another user (since no 2 users are in the same group).

Jered commented Thu Jan 21 17:39:35 UTC 2010:

I had a longer comment here, but after Ben suggested an update to this article I folded the info into the update as well. So...

Jay: Take a look at the first addendum section on Ownership and stickiness. That should provide a workable solution without having to change a lot of group memberships.

Mingzhong Chen: Look at the addendum section on umasks. You can set the umask in apache or Joomla (whichever is creating the files) to use a umask like "002", which would cause the process to create new files with group-writeable permissions.

Pluton commented Mon Feb 01 21:06:24 UTC 2010:

The "2750" permission don't sets the sticky bit. The leading 2 - 2750 - means the setguid . The "1750" permission sticky bit set.

Rich Harrington commented Wed May 19 20:36:49 UTC 2010:

For people who are uploading files through FTP with an automatic chmod of 600 may want to try chmod 7740 /var/www. This worked for me.

robert commented Sun Jun 06 16:37:53 UTC 2010:

If I have multiple users who have SSH access to their home directories, isn't there a problem with adding them to the webserver group (www/apache/whatever)? Doesn't that give them access to anything that the webserver group can see?

Jered commented Mon Jun 07 06:28:59 UTC 2010:

The access depends entirely on the permissions you set on files and users. Most of the time files are created to be writeable by "owner" and only readable by "group". If your multiple users all need to create files that can be edited by the web server process and you use group ownership and permissions to do it, then yes, they would be able to edit other users' files. That's just the nature of setting files to be editable by the web server process while allowing the user to retain ownership.

If you are concerned with users possibly editing each others' files, the next best approach would be to have them submit files to you or another user with sudo access so you can chown them over to the apache process owner and maintain control and access that way. The downside is that users would need to submit new versions of the files when they need to make a change.

Julián Landerreche commented Thu Jun 10 04:50:14 UTC 2010:

Hi. I'm following this great articles to set up my Slice and to get a better understanding on how to do some sysadmin tasks.

On my local env, I usually create a /home/sites/ folder, and there is where I keep my web projects (/home/sites/projectname/), and I'll be doing the same on my Slice.

Everything under /home/sites/ is usually assigned to demo:www-data, and chmod to 755 (and 775 for writeable folders), similarly to what this article suggests.

So far, this setup has worked for me.

Now, I've a question regarding one particular statement in the article that I cannot yet understand:

"What if we placed the main user (demo) in the 'www-data' group? That way, any folder that Apache needs to write to, such as the image upload folder, would only need 770 permissions."

My question: why would I need to add myself ("demo") to the "www-data" group?

Or, in other words: being that the Apache process is run by "www-data" user that already belongs to the "www-data" group, I'm assuming that Apache will be able to do stuff on 750/770 files/folders belonging to demo:www-data. Thus, what's the need to make the owner ("demo") also belong to the "www-data" group?

I think, and I think, and still I can't get the answer. Thanks for the continuous enlightenment.

Jered commented Fri Jun 11 00:47:31 UTC 2010:

The purpose behind playing around with groups and permissions is primarily to allow you to set up a directory that the web server process would be able to write to, while also being able to edit those files as "demo" without needing to use sudo to chown them over to the web server process. The main utility there is for handling users on your slice who you don't want to give sudo access to, but who do need to edit files or directories that you would want the web server process to have write access to as well.

An example might be letting a user set up their own Wordpress instance in their home directory. You could put the Wordpress directory into the www-data group and make it and its files group-writeable, and then the user would be able to use the Wordpress admin interface to make changes to the settings, create entries in Wordpress, and so on. The user can still edit those files in the shell as well, without needing to be granted sudo privileges on the slice. I hope that made sense. Let me know if it didn't, of course.

Julián Landerreche commented Fri Jun 11 04:29:00 UTC 2010:

Jered, thanks for your prompt reply. Although your answer definitely helps, I must confess there is something I still don't get, and I'm not sure it has been addressed in your reply. More precisely, what I yet don't fully get is the reason why "demo" user has to be added to "www-data" group.

But now that you bring the Wordpress example (ejem, Textpattern lover here), let me try to rephrase my question. If Wordpress files belong to "demo:www-data", and someone "uses" the WP website (ie. WP admin user editing a post, or visitor posting a comment), then: which user is running/owning the WP process on the webserver? Is it user "demo", or is it user "www-data"?

  • If the answer is "WP is being run by 'demo' user", then: what's the reason/need to chgrp files/folders to "www-data" group and/or add "demo" user to "www-data" group?

  • If the answer is "WP is being run by user www-data", then, almost same question: what's the reason to add "demo" user to "www-data" group, if "www-data" user (who's running the process) already belongs to "www-data" group?


Jered, thanks again, and let me tell you: the coin will eventually drop in my brain (have hope!).

Julián Landerreche commented Fri Jun 11 04:44:33 UTC 2010:

While here, let me ask one more thing, which may me help a better understanding of this.

Let's suppose my Slice has two "sudoers" users: "julian", and "jered". Let's suppose we both share and work together on some projects, which are stored at /home/sites/ folder.

Wouldn't it be wise/helpful/secure to:

  • create a "devs" group, and
  • then, add "julian", "jered" and "www-data" users to ths new "devs" group.
  • finally, assign (chown) any new file/folder to "julian:devs" or "jered:devs".

Thus, as "www-data" user belongs to "devs", the web-server process will be able to read (750) or read-write (770) on this files/folders?

Jered commented Fri Jun 11 18:08:03 UTC 2010:

Your example there does nail it, Julian. The article uses the existing www-data group instead of a new devs group, but the purpose in both cases is the same. By using the group membership and permissions, you allow multiple users (you, me, and the web server user) to access and edit files without changing the files' ownership.

Going back to my example (and your question about it), WP would be run as the www-data user. Since WP wants to edit files in its own directory, those files need to be writeable by the www-data user, one way or another. That can be done either by chowning the files over to www-data, or by putting them in a group that www-data is in, and making the files group-writeable.

So yes, either "devs" or "www-data" could work. The advantage of using www-data is that the group already exists, and web server files aren't group-writeable by default (so you aren't granting a user in the www-data group any unusual access to the web server itself). The advantage of using the devs group is that it lets you be extra distinct in granting the permissions and controlling that group membership. The end results of both are the same - you're allowing the web server and select users to edit the same files, in a way that doesn't require any of them to use sudo to do it.

And keep asking questions until you get it. ;) Unix permissions are a little weird to wrap your brain around, but I do feel it's better to understand them than to give up and set everything to 777 (and hope no one compromises the server).

Julián Landerreche commented Mon Jun 14 14:36:30 UTC 2010:

Jered, many thanks again. Your reply cleared most of my mental fog. There is just one little bit remaining, a question on my first comment, that refers to a particular chunk on PickledOnion's original post. There, under the "Groups" subheading, he stated:

"""What if we placed the main user (demo) in the 'www-data' group? That way, any folder that Apache needs to write to, such as the image upload folder, would only need 770 permissions."""

If I follow our fog-cleaner comment exchange above, I would say that there is no real reason to add the "demo" user (who already owns the files/folders) to the "www-data" group. At least, it's not needed to allow Apache to do what PickledOnion stated. In other words, Apache (group ownership) will be able to "r" or "rw, even if "demo" user doesn't belong to the "www-data" group. Correct?

Jered commented Tue Jun 15 05:48:16 UTC 2010:

What he's referring to there, I believe, is files owned by demo. If demo can create files in the www-data group and set them group-writeable, then the apache process can write to those files as well. By default the demo user's files and directories would be in the "demo" group and not group-writeable, and therefore could not be written to by the apache user (since the apache user would not normally be in the "demo" group).

In other words, in order for apache to write to a file created by another user there needs to be some commonality in place, since normally the apache user would not be able to write to a file owned by someone else. That means you either make sure that the apache user is in the group marked as the owner of the file (in this case, www-data, but again, you example of a "dev" group works too) and make the file group-writeable, or you make the file world-writeable, which is usually not a good idea. Or you chown the file over to the apache user entirely, of course, but that would require root or sudo privileges.

Lokesh Gupta commented Fri Dec 03 13:48:43 UTC 2010:

Hi, Please help me. I am having issue in my website.

whenever i upload files (using php script) www-data/www-data is set to my file or folder. I have followed the above solution to sort out this issue. Now when it comes to delete files using ftp (like filezilla) the ftp client prompts for "Permission denied".

Now come to the point what should i do so that i could delete those files manually if it comes to do this. I also tried to change the ownner and group of folder/files using php during upload but again it shows error messages "Permission denied".

Please help me to sort out the issue.

Thanks in advance.

Jered commented Sat Dec 04 18:43:57 UTC 2010:

My first guess is that you may be running into a peculiarity of Linux permissions. The permission to delete a file is actually set on the directory that contains that file. It's a little counter-intuitive, but basically make sure the directory that will contain the created files is part of the group you're using to control access, and that the directory is set to be group-writeable as well.

If that doesn't do it, make sure the user you're connecting with via Filezilla is in the group it needs to be in (www-data from the sound of it), using the "groups" command.

And finally, if you know for certain that Filezilla is connecting through FTP, you might want to use SFTP instead. Otherwise there are some extra configs we'd want to check in the FTP server. If that is the case, post the name of the FTP server you're running and I'll see what I can find out.

Jesiah commented Thu Jan 27 15:27:14 UTC 2011:

Are you suppose to add a user to the apache group for ALL websites - not just the main account on the server?

So If I had username client1 with the same folder/website structure - i would need to add client1 in the apache group? Or is this a security risk?

darren commented Thu Nov 24 13:39:54 UTC 2011:

hi i have configured a slice server as a test training server to use to learn and eventually gain Linux certification.

I have having trouble understanding the best directory layout structure to use. I know that the tutorial layouts used here are best for single user Slices and are therefore public_html is placed under the users home directory. but if i am using the default Apache '/var/www' location what would be the best way in relation to permissions.

I wish to provide test( i.e configure the server as if it was live) hosting accounts so therefore would be allowing access to different users for their individual hosting accounts.

i would also like to install some sort of control panel to mange such space. any help/ advice links to relevant tutorials would be greatly appreciated

thanks darren

Jered commented Thu Nov 24 19:05:59 UTC 2011:

The public_html approach actually is best for multi-user environments, at least if they all have their own domains. Each user gets an account and they can put their files in their home directories. Then you point the virtual host for each to the appropriate places.

Beyond that permissions depend on what kind of access you want them to have. If a site needs to have write access then you use the group permission described in this article. Make the directory apache needs to write to group-writeable and put the directory in the group apache is using.

If they don't need the web server to write any files then you can just keep everything owned by the user. So long as the read/execute permissions are set on those directories so apache can access the files you'll be set.

For the control panel, I admit I haven't played with them much. Webmin is a good place to start. Other options are Plesk and cPanel.

www.youtube.com commented Tue Feb 26 08:46:06 UTC 2013:

Hi my friend! I wish to say that this article is awesome, nice written and include approximately all significant infos. I'd like to look extra posts like this .

Tressa commented Sat May 04 16:45:03 UTC 2013:

yay''posting from my smart phone just got it a few days ago and still learning it it has an online manual but trying to get into my account argg next going to try logging into bloggr and posting there. Surely, if you are out of your home or office, then you won't get bored since you will be able to enjoy a lot of videos with your phone. Dikarenakan adanya faktor persaingan semakin ketat antara Black - Berry dan Nokia, membuat harga Black - Berry pun tidak setinggi dulu lagi, tetapi masih mempunyai fitur-fitur yang lengkap.

Replica Watches commented Mon May 06 15:00:59 UTC 2013:

It's going to be ending of mine day, but before ending I am reading this great post to improve my knowledge.

wearproofrolexwatchs.snappages.com commented Mon May 06 17:03:59 UTC 2013:

It is not my first time to pay a quick visit this website, i am browsing this site dailly and take good data from here daily.

best at home teeth whitening commented Sat Jul 13 03:21:24 UTC 2013:

Avoid having food or snacks immediately before you go to sleep with a bottle of milk or sugary fluid in bed at night, as all the food out.

It is advised that you should ensure good best at home teeth whitening for children by seeing your child confident and trouble-free. The clinics provide comprehensive evaluation facilities as well as a deserve it.

chicago wedding photography and videography commented Wed Jul 31 15:12:06 UTC 2013:

Would be you become willing to possess a random unknown person come to your house, or even that you can go to their property. Despite the fact that absolutely free and definitely passionate, it may serve as a favorite wedding wedding ceremony photography place, especially on a wonderful July Saturday. Each wedding is various, and need to be approached using a fresh look at, working using the bride and groom to build a good crucial list of shots, also as brainstorming advice on the general type of photography they're following.

chicago wedding photography and videography commented Wed Jul 31 15:12:07 UTC 2013:

Would be you become willing to possess a random unknown person come to your house, or even that you can go to their property. Despite the fact that absolutely free and definitely passionate, it may serve as a favorite wedding wedding ceremony photography place, especially on a wonderful July Saturday. Each wedding is various, and need to be approached using a fresh look at, working using the bride and groom to build a good crucial list of shots, also as brainstorming advice on the general type of photography they're following.

pudry commented Thu Jul 17 18:40:33 UTC 2014:

Link exchange is nothing else but it is just placing the other person's website link on your page at appropriate place and other person will also do same in favor of you.

sklep z rajstopami commented Wed Jul 30 14:57:53 UTC 2014:

When I initially commented I clicked the "Notify me when new comments are added" checkbox and now each time a comment is added I get four e-mails with the same comment. Is there any way you can remove me from that service? Cheers!

sklep z rajstopami commented Wed Jul 30 14:57:55 UTC 2014:

When I initially commented I clicked the "Notify me when new comments are added" checkbox and now each time a comment is added I get four e-mails with the same comment. Is there any way you can remove me from that service? Cheers!

monster energy clothing commented Thu Jul 31 23:19:20 UTC 2014:

Thanks for one's marvelous posting! I quite enjoyed reading it, you could be a great author.I will make sure to bookmark your blog and definitely will come back sometime soon. I want to encourage you to continue your great job, have a nice afternoon!

Dragon Friends hack commented Fri Aug 01 07:16:10 UTC 2014:

Thank you ffor another informative website. The place else may just I gget that type of inco written in such a perfect way? I've a project that I am simply now operating on, and I've been at thhe glance out for such information.

Gobernaciondecaldas.gov.co commented Fri Aug 08 21:33:47 UTC 2014:

Excellent, what a blog it is! This weblog presents valuable data to us, keep it up.

Feel free to surf to my weblog; minecraft server hosting - Gobernaciondecaldas.gov.co,

Ubuntu Server Help commented Wed Aug 13 17:43:13 UTC 2014:

Wow that was odd. I just wrote an incredibly long comment but after I clicked submit my comment didn't appear. Grrrr... well I'm not writing all that over again. Anyway, just wanted to say wonderful blog!

Here is my web site - Ubuntu Server Help

Alissa commented Fri Aug 15 19:19:14 UTC 2014:

This paragraph will help the internet users for setting up new blog or even a blog from start to end.

Sheena commented Sat Aug 16 05:27:01 UTC 2014:

I do not even understand how I ended up here, however I assumed this put up was good. I don't know who you're but definitely you're going to a well-known blogger in the event you aren't already. Cheers!

dayzstandalonedownload.wordpress.com commented Tue Aug 19 14:40:54 UTC 2014:

I loved as much as you'll receive carried out right here. The sketch is attractive, your authored subject matter stylish. nonetheless, you command get got an edginess over that you wish be delivering the following. unwell unquestionably come further formerly again as exactly the same nearly very often inside case you shield this hike.

Stop by my web blog :: dayz free download, dayzstandalonedownload.wordpress.com,

tennis racquet commented Tue Aug 26 21:10:27 UTC 2014:

Thank you for every other informative blog. Where else may I get that kind of info written in such an ideal approach? I've a venture that I am just now running on, and I have been on the look out for such information.

Abhay Deol commented Wed Aug 27 02:55:31 UTC 2014:

This design is wicked! You certainly know how to keep a reader amused. Between your wit and your videos, I was almost moved to start my own blog (well, almost...HaHa!) Great job. I really loved what you had to say, and more than that, how you presented it. Too cool!

my web site Abhay Deol

Want to comment?


(not made public)

(optional)

(use plain text or Markdown syntax)