[GRLUG] recommended permissions/owners for apache files

[Eric Beversluis]

I'm working with an apache website on a hosted virtual server. I'm not
clear about how ownership and permissions should be set.

I thought I read somewhere that the document root should be owned by
apache (or whatever name that 'user' is given on the particular system).
But I've discovered that, when I do that, the administrative user cannot
FTP to the document root. 

I think there are three cases at least that may require different
settings:

1. The document root directory itself. That seems to need to be owned by
the administrative user of the server and need '755' permissions? Who
actually executes those files? the 'apache' user?

2. HTML, CSS, JS and PHP files: should these be owned by apache? With
what permissions?

3. I've also got a number of text files that my php scripts write to.
What should the settings be here? Again, owned by apache? but maybe
'600' permissions? Some of these, once they're written to my server,
need to be uploaded (php curl) to a 3rd party app on a different server
(not mine). Does this affect what I need to do with permissions?

Thanks.

EB




-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.