ubuntu droplet creation and users question

I have seen a good few replies on the forum that have a similar problem. They stem from wordpress installs and nginx in the scenarios I have seen but its not limited to them and I wanted to learn the best way to move forwards. The tutorials talk about creating a user with sudo that isn’t root, and here is my confusion.

When I created a droplet a username got created (dave) that I am thinking has sudo credentials. Is this the same as what the tutorial is speaking about. here is an example tut

chown -R www-data:www-data


chown -R $USER:$USER

And so for a website to be able to run scripts like php wordpress needs to be like the first case otherwise we get a 403 and issues…

Also note that I am running a multisite folder

www-data:www-data does work and seems to be the solution (often touted) but for a multisite setup isnt ideal as each website should have a user I feel?

Thanks for secure insight in whats the best practise.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi @landed

If you’re running WordPress Multisite (Network), then you’re actually only running a single installation of WordPress, so it can only run under 1 user (that being www-data, dave or whatever you prefer).

If you want to run each site with it’s own user, then you need to setup regular WordPress for each site and you can contain them each in their own user.

You should not run PHP/Nginx/Apache with a user that can login - and never with a user that can sudo. The default www-data has the shell set to /usr/sbin/nologin.

So I will create a user for each website then…and it should not have sudo level and it can be a part of the www-data group (I think). I will see how easy this is to do. Thank you.