default permissions for /var/www

permissions apache2 php chmod
197,731

Solution 1

The permissions on this folder are:

chmod 755 /var/www/

and the files inside the folder are:

chmod 644 /var/www/file

Solution 2

The default permission for /var/www itself is a pretty standard one: owner root:root and mod 755.

As for anything inside /var/www, that is one of the rare directories where you have the privilege of deciding for yourself what to put in it and what permissions everything in it should have. But what makes the most sense is:

  • Most files should be writable by whichever user or group is going to be writing to them most. You can set them to be owned by your user account. Or set up a custom group for your developers. Or if the files will be modified rarely and you want good security, you can go with root:root and just sudo in on the rare occasions they'll be modified.

  • Most files should not be world-writable. So, 644 for files, and 755 for directories is appropriate (or 664 and 775 if you want to give a group write access).

  • It is not recommended to set any of it to be writable by the web server, ie www-data, except for any specific files your web scripts to be able to write to. If so, it's better to set the user or group of those files to www-data than to make them world-writable. Note that any time the www-data user can write to any file within the web root, whether it's by setting the user or group on those files, or making them world-writable, it's a potential security problem. World-writable is just the worse of the two.

Solution 3

Make sure the group is www-data on '/var/www'.

sudo chgrp www-data /var/www

Make it writable

sudo chmod 775 /var/www

set group id for subfolders

sudo chmod g+s /var/www

add your username to the group

sudo useradd -G www-data [USERNAME]
OR
usermod -a -G www-data [USERNAME]

give yourself ownership

sudo chown [USERNAME] /var/www/
Share:
197,731

Related videos on Youtube

Hossein Hosseinvand
Author by

Hossein Hosseinvand

Updated on September 18, 2022

Comments

  • Hossein Hosseinvand
    Hossein Hosseinvand over 1 year

    I was trying to open a file and write to it with PHP at /var/wwwfolder but it wasn't working so I did

    sudo chmod 777 /var/www

    now I want to set the permissions for /var/www to the default.
    what are the default permissions for /var/www?

  • thomasrutter
    thomasrutter almost 10 years
    That is not the default permissions for /var/www, and it's a very bad idea security-wise to make the whole web root writable by www-data. Only do this when web scripts need write access to particular files, and even so only do it to those particular files, not to the entire web root. And the OP did not say he needed to do this, anyway, so this should not be a recommendation at all.
  • thomasrutter
    thomasrutter almost 10 years
    Also it's a very bad idea to add yourself to the www-data group and treat that group in that manner. Where did you read to do this? It's particularly bad advice, almost maliciously so. Create your own groups when you need to give a group access to something: don't re-use the unprivileged groups that are intended for internal use by daemons.
  • Chris
    Chris over 9 years
    Upvoted as most conclusive answer here
  • abhishek77in
    abhishek77in over 9 years
    @neon_overload what do you recommend
  • kamil
    kamil over 9 years
    @Banago personnaly I recommend a +1 :)
  • thomasrutter
    thomasrutter over 9 years
    @Banago & aWebDeveloper did you see the answer I wrote to this question? Still have questions?
  • Banago
    Banago over 9 years
    Now, this is a really good answer. :)
  • Abraham Murciano Benzadon
    Abraham Murciano Benzadon almost 6 years
    to improve the answer, consider adding commands to set the appropriate parmissions
  • Maciek Semik
    Maciek Semik over 5 years
    Is there a recursive function that can change all folders to 755 and files to 644 inside var/www?
  • thomasrutter
    thomasrutter over 5 years
    Yep: stackoverflow.com/questions/18817744/… (the second answer is more elegant than the accepted one IMO)
  • Zanna
    Zanna over 4 years
    Depending on the contents, it may be harmful to use the -R flag here. Since the OP did not use the -R flag, we should not recommend it to correct the wrong permissions they created. The -R flag is rarely helpful!
  • ThunderBird
    ThunderBird almost 3 years
    This answer seems opinionated to me...

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

chmod 777 in php
Unable to write in the Directory - Digital Ocean
How to make php webpage to access the file in /root directory?
How do I set up a localhost website?
Ubuntu Server 17.04 - 403 Forbidden
Apache 403 Forbidden Error
Reset default permissions for /var/www
What will be result of chmod -R 777
Permissions for apache webroot folder on dev server?
CHMOD folder permissions to access by http