I have seen a good few replies on the forum that have a similar problem. They stem from wordpress installs and nginx in the scenarios I have seen but its not limited to them and I wanted to learn the best way to move forwards. The tutorials talk about creating a user with sudo that isn’t root, and here is my confusion.

When I created a droplet a username got created (dave) that I am thinking has sudo credentials. Is this the same as what the tutorial is speaking about. here is an example tut

chown -R www-data:www-data domain.com/

vs

chown -R $USER:$USER domain.com/

And so for a website to be able to run scripts like php wordpress needs to be like the first case otherwise we get a 403 and issues…

Also note that I am running a multisite folder

www-data:www-data does work and seems to be the solution (often touted) but for a multisite setup isnt ideal as each website should have a user I feel?

Thanks for secure insight in whats the best practise.