All that matters to apache is that it can read the files.
As long as the "other" group has read permissions on files and read+execute permissions on directories, apache will be able to serve the content.
As for the difference between FTP-ing a file and creating it as root - yes, obviously there is a difference, since you created it as root.
Don't do that, then.
Follow this link:
http://www.maxxer.it/2010/linux/set-apache2-to-proxy-zimbra/
I've successfully proxied Zimbra using Apache2 for long time.
These commands work on Debian/Ubuntu servers.
At first, enable apache2′s modules:
a2enmod proxy
a2enmod proxy_html
a2enmod proxy_http
Make sure the use of mod_proxy is allowed, by changing /etc/apache2/mods_available/proxy.conf
Allow from all
In this case I want to proxy SSL, so before starting you will need to move Zimbra HTTPS away from port 443 (I moved to 444). Copy your Zimbra certificate files to a directory accessible by apache. I choose /etc/apache2/ssl.
To allow automatic redirect from / to /zimbra, as in your normal Zimbra install, add the following line to your main stanza:
RedirectMatch ^/$ /zimbra/
Then, edit you apache2 config file and add:
SSLProxyEngine on
SSLCertificateFile /etc/apache2/ssl/host.crt
SSLCertificateKeyFile /etc/apache2/ssl/host.key
SSLCACertificateFile /etc/apache2/ssl/ca_bundle.crt
ProxyRequests On
ProxyPreserveHost On
ProxyVia full
<Location "/service">
ProxyPass https://your_zimbra_ip:444/service
ProxyPassReverse https://your_zimbra_ip:444/service
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /service /service
</Location>
<Location "/zimbra">
ProxyPass https://your_zimbra_ip:444/zimbra
ProxyPassReverse https://your_zimbra_ip:444/zimbra
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /zimbra /zimbra
</Location>
<Location "/home">
ProxyPass https://your_zimbra_ip:444/home
ProxyPassReverse https://your_zimbra_ip:444/home
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /home /home
</Location>
# CalDAV
<Location "/principals">
ProxyPass https://your_zimbra_ip:444/principals
ProxyPassReverse https://your_zimbra_ip:444/principals
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /principals /principals
</Location>
# DAV
<Location "/dav">
ProxyPass https://your_zimbra_ip:444/dav
ProxyPassReverse https://your_zimbra_ip:444/dav
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /dav /dav
</Location>
#Printing and HTML interface
<Location "/h">
ProxyPass https://your_zimbra_ip:444/h
ProxyPassReverse https://your_zimbra_ip:444/h
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /h /h
</Location>
# img for mobile interface
<Location "/img">
ProxyPass https://your_zimbra_ip:444/img
ProxyPassReverse https://your_zimbra_ip:444/img
ProxyPassReverse /
ProxyHTMLExtended On
ProxyHTMLURLMap /img /img
</Location>
Restart your apache2, and you should be done!
P.S. in case you wish to proxy https:
a2enmod ssl
Add the following to your /etc/apache2/sites-available/default-ssl
SSLProxyEngine on
ProxyRequests On
ProxyPreserveHost On
ProxyVia full
Best Answer
There are two problems to set up what you are looking for:
Here are two potential alternative solutions that are relatively easy to set up, each with its own advantages and limitations
We chose option 2 because in daily operations it proved the most flexible and reliable. As an added bonus it allows you to use other protocols than ftp for the traffic to your backends, eg sftp.
They have a fully working demo version that you can download and test with (iirc it's limited to 5 concurrent connections).
Only potential downside: it's a Java program, so it's footprint (both disk and memory) are a size bigger than that of a regular ftp server.