Setting correct permissions for uploading files

I have a php script that uploads a file to a directory called "uploads". The only way I can get the upload to work is if I do:

chmod 777 uploads

I know this isn't correct but I don't know what I am supposed to do to get it to work.

Server info: T1-Micro Amazon Linux AMI 2013.03 on Amazon EC2

Questions:

  • How do I find out what users need access... e.g., what is the user name for apache or the web server?

  • What level of access do I need to give and what command would I use to do that.

Thanks!

Edit: I found lots of answers on stack overflow which I will research. For example

https://stackoverflow.com/questions/3642241/php-file-upload-permissions

https://stackoverflow.com/questions/10842880/setting-permissions-in-php-on-server

https://stackoverflow.com/questions/8948537/permission-denied-when-attempting-to-upload-file-with-php

Thanks


Solution 1:

Try running:

ps -ef | grep apache

and look at the left-most column corresponding to the Apache server. This is the user that is running Apache, and by inheritance also PHP.

Change ownership of the upload directory to this user and restrict the permissions a bit, e.g. if the web server user was www-data that belongs to the group of the same name (using a sample path of /var/www/uploads):

sudo chown www-data:www-data /var/www/uploads
sudo chmod 755 /var/www/uploads

(or whatever permissions you want in this instance). I use sudo in the example commands — I don't know exactly how the EC2 systems are set up in this regard to get superuser privileges.

If you have already uploaded files/directories, you might want to change ownership and permissions on them as well. To do this, going from 777 to more reasonable permissions, you could run:

sudo chown -R www-data:www-data /var/www/uploads
sudo chmod -R 755 /var/www/uploads
sudo find /var/www/uploads -type f -exec chmod -x {} \;

Don't "blindly" run commands if you do not understand each part of them. Check the man pages if anything is unclear (it should be quite straightforward).