Apache default ownership & permissions

I’m sad to say I never really learned this properly. I understand what file ownership and permissions ARE, but I’m not really clear on what the “standard” ownership and permissions should be when using LAMP setup on a server (digital ocean droplet in this case).
In the past, I used a web host that I guess took care of these tricky details. Now I need to learn!

(using Ubuntu 20, apache2, php7.4, mysql8)
Ok, so I know that apache has ownership of some files as www-data. I use ftp to upload files to the server. Seems when I upload, the owner of the files is me.
Typically, I don’t want a person visiting my web site to see my php files, but able to have the server “run” them to see their output.
On my previous web host, I used to set the permissions on these files to 640 (I believe) so the php parser could read them, but the web visitor can’t. Worked fine.
Never concerned myself about ownership of the files, because it “just worked”.

So, my questions are:

  1. Who should “own” the files I upload to the server for php and html files?
  2. Who should “own” the data files (json or txt files) I upload that are used by the php files? (Likely doesn’t matter since they are inaccessible to the public)
  3. What permissions should I be using for html and php files?

@Tim ?

Or just point me to some links that might help me understand better. My initial googles only brought up discussions, no real reference material…

If you’re starting a journey into DIY hosting, I would recommend CentOS 7 and CentOS Web Panel. CWP is a great free web panel (like cPanel) to help you manage your server.

I’m sure in your searching you’ve stumbled across this answer about permissions?

Thanks, Tim.
Would like to stick with Ubuntu if possible. Is there a cPanel equivalent for that?
I think I saw that post regarding ownership and permissions, but wasn’t sure if it was “best practices”. Reading it again, it does look like good info.

I’m not sure, when I last needed to switch to DIY I ended up with CentOS and CWP.

1 Like