I’m relatively new to permissions, so I might be doing this wrong, which is why I am checking with you (the reader). I have been wondering how I would have to set my webroot permissions for ‘regular website hosting’ on my VPS. I understand there are tens of ways of doing it, depending on the security one needs, but after reading some tutorials I came to the following situation :
1.) sudo chown -R <myself>:www-data /var/www 2.) sudo chmod -R 755 /var/www 3.) sudo chmod g+s /var/www
1.) I’m setting <myself> and the www-data group as owners of the webroot. 2.) I’m changing the permissions recursively on the webroot so that <myself> has all permissions, NGINX has read & execute and the world also has read & execute. 3.) New files that are added (through SFTP or the shell) will inherit the same configuration of permissions / ownership.
In case of dynamic pages generated by wordpress I will leave it this way but set different permissions for folder where NGINX needs to write, such as ‘upload’ folders, and / or ‘plugin’ folders. etc.
1.) sudo chmod 775 /var/www/… <upload> 2.) sudo chmod 775 /var/www/… <plugin folder>
The question however is : I am doing all this in the right way ? Or am I going about it all wrong ?
Thanks in advance
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.