after apache2 install, I added this user www-data to the group of personal account hosek.
root@hp:~# groups www-data
www-data : www-data hosek
root@hp:~#
Group permissions to DocumentRoot folder are OK.
hosek@hp:/home$ ls -la
total 12
drwxr-xr-x 3 root root 4096 kvě 1 23:13 .
drwxr-xr-x 20 root root 4096 kvě 1 22:32 ..
drwxr-x--- 24 hosek hosek 4096 kvě 3 15:53 hosek
hosek@hp:/home$
But when I access site, it shows me Forbidden. Why?
Just note, when I set x for others on hosek folder, it works. But it should work in 1st case?
Thanks.
UPDATE
What is best practice in case you want website data in specific folder? About security related to /var/www/html/ via ssh, read level-up folders is possible, for example you can see files in /var or in /.
How can I restrict this browsing folder on level-up related to ssh connection? It is good practice? And really only this way?
https://www.cyberciti.biz/faq/debian-ubuntu-restricting-ssh-user-session-to-a-directory-chrooted-jail/
Maybe some complete manual would be very useful?
Thank you.
