Recommended user and file permissions

  • Hi!
    I’m using Revisr for quite a while and I love it. But recently a friends’ site was hacked and I wonder if this could happen to me. I ask myself which file owner and which file permissions should be used on a professional site and if this works with Revisr.
    For example on my own site https://www.bjoerne.com there are two users. One user I use myself to login via SSH and one user is used by the webserver (www-data). To use Revisr I changed the owner of all files to www-data. So www-data can update the code which I do via Revisr. Alternatively I could change the permissions of all files to 666 resp. 777.
    But isn’t that a security issue? Or better, wouldn’t it be more secure to give www-data only access to uploads and cache folders? But then Revisr woudn’t work anymore, would it?What is the best practise?
    Best regards,
    Bj?rn

    https://www.ads-software.com/plugins/revisr/

  • The topic ‘Recommended user and file permissions’ is closed to new replies.