I'm trying to figure out what is the best file permissions/user/groups for files under my document root?
I have the following file structure/home/user/public_html/
under public_html are all of my php files and directories.
I have one directory /home/user/public_html/files/ where people upload images to that directory.
What is the most secure way to distribute file permissions/groups/user so that apache can properly display the php files and directories?
Should I make public_html owned by apache? What group should I use for public_html ?
My Favourite mix of permissions for apache is to give it ownership of apache:apache, all folders chmod to 550 or 555, and all files chmod to 440/444. I suggest the following:
/home/user/public_html/ owned by apache:apache with permissions 555 (read/x by everyone) /home/user/public_html/files/ owned by apache:apache with 775 (read/write/x by root/apache, read/x by all)