771/660 should work. (You want the 1 to allow directory traversals).
Ideally, EACH website runs under a different ID so www-data is not necessary at all. Check with the System Admin to see if php-fm or suphp or something like that is being used.
Thread Starter
anto60
(@anto60)
Thanks Steve.
But according your opinion, is it better to follow Debian’s default webroot policy or FHS? Should I install my web apps in /srv or /var/www?
I don’t use Debian (I’m a RH/Centos/Fedora person), so all my sites are in /var/www/something
Thread Starter
anto60
(@anto60)
Thanks.
But my user, proprietary of directory where i installed wordpress, must be too in the group of Apache user?
not necessarily so, but it helps. π
I set up my sites so they’re user:group where my personal ID is in the group and ‘user’ is the user of the httpd process (which is unique to the site).
Thread Starter
anto60
(@anto60)
But then you create a group (user Apache and you) for every user that get a web root?
no. (1) Each site runs under a different user. You can do this via mod_ruid2, suphp, or php-fm. (2) I don’t generally use groups. I set up the site as user:user and if I need to edit a file on the server, I use sudo to do so.
Thread Starter
anto60
(@anto60)
Hi Steve. I am tring some configurations to test my environment, i will update you.
Thread Starter
anto60
(@anto60)
I finished my tests, i configured my web root with these settings: rwxrws—, the proprietary is the user and the group is (apache user, user) where the “user” is user that manage wordpress.
Thanks. Goodbye.
