Web server file permissions

Public web server should provide a high level of security. On the other hand web applications may require some write permissions to the file system. Although changing the permission with chmod to 0777 is one possible solution, it allows read, write and execute commands for everyone. The better solution is to set the owner of the web application to the user of the web server.

Linux requires to have superuser privileges to change the owner or the group via chown command (abbreviated from change owner)


Debian based Linux distributions the web server runs under the user www-data.

Change the owner of /path/to/directory to www-data and the group to www-data:

# sudo chown -R www-data:www-data /path/to/directory

See Also

External links