Server security, website security


What is the security of the great god server? Set directory permissions?

Regarding server security, which involves a wide range of flour, I would like to focus on the second question. How do I set the permissions of the web directory?

  • Under normal circumstances, it is necessary to set the user group web and affiliated user www running on apache/nginx and php.

  • Set the users and user groups of the web directory to www and web as follows: chown-RWeb: WWW/USR/LOCAL/Nginx/HTML

  • Setting the permissions of the web directory to 750,750 is the www user’s right to read, write and execute the directory, so the www user can create files in any directory, and the user group has the right to read and execute, so as to enter the directory, and other users do not have any permissions.

  • Setting the file permission under the web directory to 640,640 means that only www users have the permission to change the website file, the web server only has the permission to read the file, cannot change the file, and other users do not have any permission.

  • Some special directories give writable permissions, such as cache directory and upload directory.