DigitalOcean

Report this

What is the reason for this report?
Question

Discussion about permissions for web folders

Posted on November 29, 2014
Adam Robertson

By Adam Robertson

This is a question that I have seen several discussions about, but am still not sure what the best solution is:

What is the best way to set up users and groups for web folders?

For the sake of this discussion: *I use Ubuntu and Apache *My web-folder is /var/www/mydomain.com *Apache default user is www-data and www-data group *my user is me, adam

Currently, I do this:

add my user to www-data group with:

sudo usermod -aG www-data $USER

and then I just add a symlink for www to my users home folder with:

ln -s /var/www  ~/

Now when I sftp into my users home-folder, I can just click through to www and I have enough permissions to edit files and such. If I create new files, I have to remember to run:

sudo chown -R www-data:www-data /var/www

Doing that sets the new files to be owned by www-data. Everything works and the internet is happy.

I have been thinking of trying something a little different. What if I set www-data as the default group for adam.

sudo useradd adam -g www-data

And then set adam as the owner of /var/www and www-data as the group

sudo chown -R adam:www-data /var/www

In theory, Apache user www-data will still be able to do its thing, but adam will be the owner, and when I log in as adam I can create new files without having to worry about updating permissions all the time.

Anyone have a better way of handling users? Thoughts on my approach?



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
tmarius
tmarius
August 12, 2016

Thanks for sharing!

0
Adam Robertson
Adam Robertson
July 13, 2015

To follow up on this old post, I would like to say that I no longer use the above method that I outlined. I found a post: http://blog.netgusto.com/solving-web-file-permissions-problem-once-and-for-all/

that outlines a much better method, that only takes a few minutes to set up and solves many of the issues I was having.

0
asw
asw
August 23, 2019

For nginx, www-data is the user for the nginx worker process. So great, let’s create a group with access, and put www-data in the group.

sudo groupadd webaccess sudo usermod -a -G webaccess www-data sudo chown -R adam:webaccess /var/www/mycontent sudo chmod -R 750 /var/www/mycontent #intent: only adam and nginx can access

In theory, adam should have access since he is the owner. nginx should have access since www-data is in a group with r-x access. But no! I have to set permissions for other to r-x: sudo chmod -R 755 /var/www/mycontent for web pages in /var/www/mycontent to be served by nginx.

I don’t get it!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.