if this has been asked before I apologize.
Usually the advice for setting file permission in wordpress are folder 750
and file 640
with user and group www-data
. Based on my understanding if user and group is the same then if somehow outsider can access using www-data
he still can read or write,right?
so what's the point on setting up users and group as www-data
? Is there security reason for this ? I think if file / folder is set as user other than www-data
then the owner permission can be useful.
It's for flexibility. You could add other users to the www-data group and those users could do whatever is permitted by the group flags (which need not necessarily be the same as the user flags).