How to securely set permissions on directories?

M

Mark Rosenthal2015-10-02 12:56:56

System administration

Mark Rosenthal, 2015-10-02 12:56:56

Hello!
You probably know, when you upload any site to /www on the server, and it must be able to work with files, the problem arises: what rights to set so that it doesn’t break securely and tomorrow?
Now I had to fill in Wordpress, there you also need to set the rights to all this.
I found such a suggestion on stackoverflow, but even it seems to me that it is not cool to give rights to the directory to the www-data group. Or cool?
Are there other easy ways, or is this the norm?

chown www-data:www-data -R *          # Let apache be owner
find . -type d -exec chmod 755 {} \;  # Change directory permissions rwxr-xr-x
find . -type f -exec chmod 644 {} \;  # Change file permissions rw-r--r--

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

I

Igor Vorotnev, 2015-10-02
@HeadOnFire

The answer on StackOverflow is correct.
Files require permissions 644, which means:
Owner - read, write
Group - read
All - read
For directories 755, which means:
Owner - read, write, execute
Group - read, execute
All - read, execute.
The extra bit for directories is needed, because without execute permission you won't be able to open the directory . It is X that allows you to open files inside a directory.

D

Dmitry, 2015-10-02
@2fox

there is little information, you need to understand what kind of OS is on the server and how the same apache is started,
but for example How to configure apache on ubuntu correctly?

M

mureevms, 2015-10-02
@mureevms

That's right, that's exactly what you should do, just go to /var/www before the commands

T

TyzhSysAdmin, 2015-10-02
@POS_troi

In addition to Igor Vorotnev
In directories for images, css, etc. disable the execution of scripts.