Reputation: 3134
Appropriate file permissions for websites using Git and FTP
What are the appropriate file permissions for a website which can be updated by either Git (e.g. core app files), FTP (e.g. plugins) or upload forms (e.g. images)?
Users involved:
- root
- apache
- ftpuser
Wordpress would be a good example:
FTP updates change the owner to ftpuser:ftpuser.
Uploaded images are assigned to the apache:apache user by default.
Git updates change everything to root:root.
Most people recommend 755 for folders and 644 for files, assuming everything is owned by the same user, which of course is not the case.
I could create an additional group named web, assign it to all of the above users and simply chown -R root:web, but then I would have to set the default group to web for all these users, which is not something I'm comfortable with.
Upvotes: 1
Views: 274
Answers (1)
Reputation: 5703
- I think you could reconfigure Git to use an SSH key owned by apache:apache, which would make the file owner apache:apache. (Haven't tried this one myself.)
- Check the available options & configuration for your FTP server -- you might be able to run the FTP server as apache:apache, instead of ftpuser:ftpuser. If you support other FTP services that require an FTP server running under ftpuser:ftpuser, you might still be able to do this by running the (second) apache:apache FTP server on a different port.
Upvotes: 1
Related Questions
- Correct file permissions for website directory
- Proper permissions for /var/www
- Maintaining website with Git and more
- Make a git deployment owned by www-data
- deploying a website/webapp via git/gitolite permissions error
- File Access Permissions
- Web project with git - access rights & groups
- FTP User Permissions
- Structuring a central Git remote to serve production Apache sites
- Suggested permissions for website files