Safer way to access image folder than 777 Permission

I think this should be fine as they are static content.

Just make sure that you don’t give permission to modify your PHP files, They should all have read-only access by the web server.

Also you can add some security rules in the htaccess files to disallow malicious code in those folders which have 777. Allow files only with specific extensions.

I wholeheartedly disagree with @freelancer . There is never a time where you need 777.

For ubuntu/Debian, run this (changing the value for web_folder if it’s not right):

web_folder='/var/www/html/'
chown www-data:www-data $web_folder -R; find $web_folder -type f -print0 |xargs -0 chmod 644; find $web_folder -type d -print0 |xargs -0 chmod 755;

For Fedora/CentOS (Again, change the value for web_folder if it’s not right):

web_folder='/var/www/html/'
chown apache:apache $web_folder -R; find $web_folder -type f -print0 |xargs -0 chmod 644; find $web_folder -type d -print0 |xargs -0 chmod 755;

The simple rule is you only give permissions that you need. Never more. Any good admin will say the same thing.

EDIT: here’s what the script does:

• changes the files to the proper owner
  • (apache for RPM-based, and www-data for deb based systems)
• sets all files to 644
• sets all folders to 755.

Can I do it the same way as wordpress?

sudo chown -R www-data:www-data ~/wordpress/

i.e

sudo chown -R www-data:www-data ~/sites/defaults/files/images