How to properly setup user/groups/permissions for a web server?


I spent all day figuring this out, but without success, so hopefully I can get some help here:

I have Ubuntu 13.10 VPS server with nginx, PHP 5 and MariaDB installed.

I created custom system user (for example “myuser”) which I use for connecting through SFTP to my server. In my user home directory I created “public_html” dir for my web root.

What I am trying to accomplish is that if I copy my files through SFTP (or rsync as well) they will be working not only with my user, but also with the PHP/server.

For example if I install WP it has no permissions to write in files as I am the owner of them. (therefore cannot upload files, install themes, plugins etc.) However this is not a WP problem, but overall user/group/permission setup problem

I was playing around with directory sgid, umask, assigning myself to www-data etc. but cannot find the right way to do this. (without manually chmod my files)

For example on my ex-shared hosting I just uploaded a file where I am the owner and there is no problem with permissions. Running nginx/php under my user I consider as not secure.

Please help me with this issue - I need a stable and secure option.

P.S. I know I can chmod my files after I upload/create them, but this is not a solution as it is very time consuming/overhelming. I need to automate this process and I believe there is a proper solution.

Thank you.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Wrong? It’s not a matter of there being anything wrong, as opposed to best-practices. By going with a non-LTS (Long Term Support) release, you’ll have to upgrade your operating system every 6 months – which can be a very labor-intensive process – and can cause more disruption than needed on a production server.

May I ask you what is wrong with 13.10? Are there any security issues? <br> <br>As I said it is not only about WP, WP was just example…

<b>“I have Ubuntu 13.10 VPS server…”</b> <br> <br>If you plan on this being a production server, you don’t want to use 13.10 (use 12.04.3 LTS, instead). <br> <br><b>“For example if I install WP…”</b> <br> <br>Is there a reason why you don’t want to install WordPress as prescribed, here: <a href=“”>How To Install Wordpress with nginx on Ubuntu 12.04</a>?