wwwdata user not working when permissions are 400-500 - 403 forbidden access

Question

securing my server i found that using:

find . -type f -exec chmod 400 {} \;
find . -type d -exec chmod 500 {} \;

display 403 forbidden access.

if I use:

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;

the server displays but i can have access from the internet to some folders directories.

my current folder owners are root - www-data for var/www/domain/public.

i would like to perform 400-500 permissions with my website displaying results on the internet with current www-data user, or another option could be to block directory display of folders. any help appreciated.

score 1 · Accepted Answer · edited Apr 13 '17 at 12:23

The files need r and directory needs to be rx by the user www-data.

So, with what you want ...

find . -type f -exec chmod 440 {} \;
find . -type d -exec chmod 550 {} \;

Just make SURE you run that command from /var/www and not /

See also How to avoid using sudo when working in /var/www? or similar.

You may need looser permissions depending on what you are doing in /var/www. You may need to allow rwx on directories where users would download files, such as avatars on forums for example, or allowing x on CGI .

wwwdata user not working when permissions are 400-500 - 403 forbidden access

1 Answers1