Giving ownership of the directory to the apache user? [duplicate]

server permissions apache2 wordpress

Solution 1:

Do not use the database user as the UNIX user. Use www-data.

sudo chown -R www-data:www-data /var/www

There is a difference between the database user and the Apache user. The Apache User is the only one who can actually read the files. The database user is only meant for giving/taking database read/write permissions.

In addition, keep the default permissions from the webapp install. Do not change those, except for the owning user/group. If you are instructed by the webapp, change permissions.

If you are more concerned about security, you could instead run the following commands:

sudo chown -R $USER:www-data /var/www
sudo chmod -R 640 /var/www

This makes the actual files owned by your user, so that only you (and root) can modify them. The reason www-data is referenced is so that Apache can still READ the files, but not actually write to them.

The 640 allows you (the file owner) to read and write, while allowing the www-data group to read files. It also blocks anyone else from possibly reading the file contents.

(The above is only one possible (untested) method. More good ways are available here.)

Related

chown - Difference between user and user:user
Ubuntu 16.04 update manager error
Guest system does not see the updated disk size in VirtualBox
Install Virtualbox on Ubuntu 16.04 LTS
Difference between executable directory vs executable files
After upgrading to Ubuntu 18.04, display is like zoomed
CPU, memory utilization in Ubuntu 20.04 top pane?
How to bind mouse buttons to keys?
How do I make k3b burn an audio CD with MP3 files?
Why is natty-proposed suggesting an upgrade to a beta version of Firefox?
Disk Usage Analyzer reports that the .ecryptfs file is taking up as much space as the home drive
How to clear Ubuntu notifications?