Need to change APACHE_RUN_USER when CHOWNing www-data to another user?
I am running wordpress with a LAMP on 14.04 droplet. I followed the tutorial to Configure Secure Updates and Installations in WordPress on Ubuntu. [https://www.digitalocean.com/community/tutorials/how-to-configure-secure-updates-and-installations-in-wordpress-on-ubuntu](http://)
After following the instructions, I tried to open my wordpress site in the browser and got a "you do not have access" error. After much reading, I tried changing
export APACHE_RUN_USER=www-data to export
APACHE_RUN_USER=wp-user in the file
/etc/apache2/envvar and now it works.
All of the files in the /var/www directories have permissions like this:
drwxrwxr-x 2 wp-user www-data 4096 Aug 14 15:42 backup -rwxrw-r-- 1 wp-user www-data 11510 Mar 24 12:09 index.html -rwxrw-r-- 1 wp-user www-data 418 Sep 24 2013 index.php -rwxrw-r-- 1 wp-user www-data 20 Mar 24 12:09 info.php -rwxrw-r-- 1 wp-user www-data 19930 Jan 1 2015 license.txt -rwxrw-r-- 1 wp-user www-data 7360 Jul 30 16:39 readme.html -rwxrw-r-- 1 wp-user www-data 4951 Aug 20 2014 wp-activate.php drwxrw-r-- 9 wp-user www-data 4096 Aug 4 07:51 wp-admin
My question is whether this is the correct and secure way to do it. Are the permissions set correctly? Is it OK to give w to the group? Should it be r-x?
The tutorial says nothing about changing any files. I did notice that the tutorial refers to Ubuntu 12.xx. Is there a difference between Ubuntu 12 and 14?