LAMP Permissions Ubuntu, Debian


First, you should ensure that your username is included in www-data group. If not, you can add your username as www-data group

sudo adduser user www-data 

user can be changed with your username.

After that, you should change the ownership of /var/www to your username

sudo chown user:www-data -R /var/www 

Next step, you should change permission to 755, not recommend changing permission to 777 for security reason

sudo chmod 0755 -R /var/www
sudo chmod g+s -R /var/www 

Single Line command

sudo chmod 0755 -R /var/www/html/myfolder && sudo chmod g+s -R /var/www/html/myfolder





 For executable files, this means that when the file is executed, it is executed as the group that owns the file, not the group of the user executing the file.

This is useful if you want users to be able to assume the permissions of a particular group just for running one command.

This can represent a security risk when the group security group is more elevated than the user’s group.

Generally, this is safe to use with Apache as it allows the user’s home folder files to be manipulated by the Apache2 group which is the intended behaviour. The Apache2 security group www-data is not considered an elevated group which allows any unsafe operations to already executed programmatically.

In other words, the following would not constitute a security risk as the www folder is already assigned the www-data group.

sudo chmod g+s -R /var/www 

Leave a Reply