/var/www Ownership/Permissions Settings

Hi,

I have a question about ownership I want to throw out there.

What should the ownership settings be for /var/www on a Ubuntu VPS?

root:root? www-data/www-data? (my user):(my user)?

I need two things:

1. To be able to add/modify/delete files myself

2. To allow Apache to add/modify/delete files too (I have a few PHP scripts that do that)

What would you guys recommend?

Thanks in advance for your suggestions!

6 Replies

Having PHP files writable by the webserver opens you up to attacks where someone exploits an existing bug to upload new code that they can run.

Are there any other ways to create files/folders using PHP that are more secure?

1. Leave the files owned by www-data:www-data and "sudo -s" when you need to make edits.

What do you think of me adding myself to the www-data group so I didn't have to do that?

@jzimmerlin:

What do you think of me adding myself to the www-data group so I didn't have to do that?
That would work as long as the PHP files and relevant directories have permissions of 664 (or greater) so the group has write permissions.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct