Apache file access security
I'm trying to figure out what the best file / user / group permissions are for files under my document root.
I have the following file structure:
/home/user/public_html/
Under public_html are all my php files and directories.
I have one directory, /home/user/public_html/files/, where people upload images.
What is the most secure way to distribute the file permissions / groups / users so that apache can display php files and directories correctly?
Should I make public_html apache owned? Which group should you use for public_html?
Thanks!
My favorite combination of permissions for apache is to give ownership to apache:apache, chmod all folders to 550 or 555, and chmod all files to 440/444. I suggest the following:
/home/user/public_html/
owned by apache:apache with 555 permissions (read / x for all)
/home/user/public_html/files/
owned by apache:apache with 775 (read / write / x for root / apache, read / x for everyone)
First you need to find which user is running the https / apache2 server:
ps aux | grep apache2
Most often it is apache or www-data.
We need to set this user as the owner:
chown -R www-data:www-data /var/www/html
Then the file permissions should be 644 and the folder permissions 755.
We can do this using the find command:
find /var/www/html -type f -not -perm 644 -exec chmod 644 {} \;
find /var/www/html -type d -not -perm 755 -exec chmod 755 {} \;
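Added example (not part of the question or answers above): a shell function that audits a document root against the 644 / 755 scheme from the last answer and additionally flags world-writable entries and unexpected owners. The function name audit_docroot and the finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: read-only audit of a document root.
# Usage: audit_docroot /var/www/html www-data
# Prints one finding per line; prints nothing when the tree matches the scheme.
audit_docroot() {
    root=$1
    owner=$2   # optional: expected owner, e.g. www-data or apache

    # Regular files whose mode is not exactly 644
    find "$root" -type f ! -perm 644 | sed 's/^/FILE_MODE /'

    # Directories whose mode is not exactly 755
    find "$root" -type d ! -perm 755 | sed 's/^/DIR_MODE /'

    # Anything writable by "other", whatever the rest of the mode is
    find "$root" \( -type f -o -type d \) -perm -002 | sed 's/^/WORLD_WRITABLE /'

    # Entries not owned by the expected user (only when an owner was given)
    if [ -n "$owner" ]; then
        find "$root" ! -user "$owner" | sed 's/^/OWNER /'
    fi
}
```

A directory deliberately kept at another mode, such as files/ at 775 in the first answer, is reported as DIR_MODE and has to be reviewed by hand.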