I’m sad to say I never really learned this properly. I understand what file ownership and permissions ARE, but I’m not really clear on what the “standard” ownership and permissions should be when using LAMP setup on a server (digital ocean droplet in this case).
In the past, I used a web host that I guess took care of these tricky details. Now I need to learn!
(using Ubuntu 20, apache2, php7.4, mysql8)
Ok, so I know that apache has ownership of some files as www-data. I use ftp to upload files to the server. Seems when I upload, the owner of the files is me.
Typically, I don’t want a person visiting my web site to see my php files, but able to have the server “run” them to see their output.
On my previous web host, I used to set the permissions on these files to 640 (I believe) so the php parser could read them, but the web visitor can’t. Worked fine.
Never concerned myself about ownership of the files, because it “just worked”.
So, my questions are:
- Who should “own” the files I upload to the server for php and html files?
- Who should “own” the data files (json or txt files) I upload that are used by the php files? (Likely doesn’t matter since they are inaccessible to the public)
- What permissions should I be using for html and php files?