Permission Scheme

771/660 should work. (You want the 1 to allow directory traversals).

Ideally, EACH website runs under a different ID so www-data is not necessary at all. Check with the System Admin to see if php-fm or suphp or something like that is being used.

Thanks Steve.

But according your opinion, is it better to follow Debian’s default webroot policy or FHS? Should I install my web apps in /srv or /var/www?

I don’t use Debian (I’m a RH/Centos/Fedora person), so all my sites are in /var/www/something

Thanks.

But my user, proprietary of directory where i installed wordpress, must be too in the group of Apache user?

not necessarily so, but it helps. ??

I set up my sites so they’re user:group where my personal ID is in the group and ‘user’ is the user of the httpd process (which is unique to the site).

But then you create a group (user Apache and you) for every user that get a web root?

no. (1) Each site runs under a different user. You can do this via mod_ruid2, suphp, or php-fm. (2) I don’t generally use groups. I set up the site as user:user and if I need to edit a file on the server, I use sudo to do so.

Hi Steve. I am tring some configurations to test my environment, i will update you.

I finished my tests, i configured my web root with these settings: rwxrws—, the proprietary is the user and the group is (apache user, user) where the “user” is user that manage wordpress.

Thanks. Goodbye.