Home / ubuntu / Questions / 386928
Accepted
Hossein Hosseinvand
Asked: 2013-12-06 23:38:58 +0800 CST

default permissions for /var/www

  • 772

I was trying to open a file and write to it with PHP at /var/wwwfolder but it wasn't working so I did

sudo chmod 777 /var/www

now I want to set the permissions for /var/www to the default.
what are the default permissions for /var/www?

permissions

5 Answers

  1. The default permission for /var/www itself is a pretty standard one: owner root:root and mod 755.

    As for anything inside /var/www, that is one of the rare directories where you have the privilege of deciding for yourself what to put in it and what permissions everything in it should have. But what makes the most sense is:

    • Most files should be writable by whichever user or group is going to be writing to them most. You can set them to be owned by your user account. Or set up a custom group for your developers. Or if the files will be modified rarely and you want good security, you can go with root:root and just sudo in on the rare occasions they'll be modified.

    • Most files should not be world-writable. So, 644 for files, and 755 for directories is appropriate (or 664 and 775 if you want to give a group write access).

    • It is not recommended to set any of it to be writable by the web server, ie www-data, except for any specific files your web scripts to be able to write to. If so, it's better to set the user or group of those files to www-data than to make them world-writable. Note that any time the www-data user can write to any file within the web root, whether it's by setting the user or group on those files, or making them world-writable, it's a potential security problem. World-writable is just the worse of the two.

    • 61
  2. Best Answer

    The permissions on this folder are:

    chmod 755 /var/www/

    and the files inside the folder are:

    chmod 644 /var/www/file
    • 36

  3. Make sure the group is www-data on '/var/www'.

    sudo chgrp www-data /var/www

    Make it writable

    sudo chmod 775 /var/www

    set group id for subfolders

    sudo chmod g+s /var/www

    add your username to the group

    sudo useradd -G www-data [USERNAME]
OR
usermod -a -G www-data [USERNAME]

    give yourself ownership

    sudo chown [USERNAME] /var/www/
    • 11 
  4. sudo adduser $USER www-data
sudo chown root:root /var/www


sudo chown -R $USER:www-data /var/www/*
sudo chmod -R 755 /var/www
    • -1

  5. for what it's worth (I may be wrong-more testing to do) make sure that the files that you are transferring are "owned" by the user that logs in to BOTH machines. so for /var/www/website the webdir on the source machine is owned by kevin and the user on the dest machine was me too. i will do further testing once I have time. Thanks

    • -1