linux

How to correctly separate sites by users and php-fpm pools?

Good day!
There is a web server: Debian, Ningx, php-fpm, it has several sites (wordPress), for simplicity of the example, let there be two sites: site1 and site2. I'm trying to isolate sites from each other, but something goes wrong.
Nginx runs as www-data.

site1 - owner of www-site1:www-data, rights to directories 750, rights to files 640.
site2 - owner of www-site2:www-data, rights to directories 750, rights to files 640.

Sites work each under their own pool of php- fpm, the pool configs are as follows:

[www-site1(2)]
user = www-site1(2)
group = www-site1(2)
listen = /run/php/php7.3-fpm-site1(2).sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
env[PATH] = /usr/local/bin:/usr/bin:/bin

In this state of affairs, the sites work, but if you update through the admin panel, for example, the theme, then the owner sets www-site1(2):www-site1(2) on newly created/modified files and directories. Of course, nginx does not have access to these files either.

How to correctly set permissions so that only one user and nginx have access to the site?
Add www-data to user groups? How safe is it?
Change the php-fpm config so that the generated files and directories are owned by www-site1(2):www-data? What exactly to change?