Server

Managing File Permissions and Groups for Your Web Project

When managing a web project on a Linux server, such as a Laravel application in `/var/www`, it's important to set the correct file permissions and user groups. This ensures security, collaboration, and proper operation of your application.

1. Why use groups?

Groups allow you to give multiple users the same permissions to certain folders and files.
For example: the web server (www-data) and your own user must both have write permissions in the project folder.
By adding a group and making both users members, you prevent permission issues.

2. Create a Group

First, create a new group, for example, webgroup:

sudo groupadd webgroup

3. Add Users to the Group

Add the web server user (www-data) and your own user to this group:

sudo usermod -aG webgroup www-data
sudo usermod -aG webgroup yourusername

Tip: Replace yourusername with your own username on the server.

4. Assign Permissions to Folders and Files

Now set the correct permissions on your project folder (for example, /var/www/yourproject):

Give read, write, and execute permissions to the owner and group (775) for folders.
Give read and write permissions (664) to files for the owner and group.

Run the following commands:

sudo chmod -R 775 /var/www/yourproject 
sudo find /var/www/yourproject -type f -exec chmod 664 {} \; 
sudo find /var/www/yourproject -type d -exec chmod 775 {} \;

5. Set group as default for new files (setgid)

By setting the setgid bit on directories, new files and directories automatically inherit the group of the parent directory:

sudo chmod g+s /var/www/yourproject

6. Change file owner and group

Ensure the owner is the correct user (for example, yourusername) and the group is webgroup:

sudo chown -R yourusername:webgroup /var/www/yourproject

7. Grant group read and write permissions

Give the group read and write permissions on all files and directories:

sudo chmod -R g+rw /var/www/yourproject

8. Verify success

ls -l /var/www/yourproject/composer.json

You should see something like:

-rw-rw-r-- 1 yourusername webgroup 12345 Sep 5 12:00 composer.json

This means that the owner and group have read and write permissions.

9. Repeat if necessary

For changes or new files, it is sometimes necessary to repeat these steps to keep permissions consistent.

Summary of commands

sudo groupadd webgroup
sudo usermod -aG webgroup www-data
sudo usermod -aG webgroup yourusername

sudo chmod -R 775 /var/www/yourproject
sudo find /var/www/yourproject -type f -exec chmod 664 {} \;
sudo find /var/www/yourproject -type d -exec chmod 775 {} \;
sudo chmod g+s /var/www/yourproject
sudo chmod -R yourusername:webgroup /var/www/yourproject
sudo chmod -R g+rw /var/www/yourproject

These settings ensure that you and the web server can collaborate on the project files without any security issues or file permission conflicts. Good luck managing your server files!

Edit this pageorReport an issue

Accessing Your Server Database Locally via SSH Tunnel

This guide will teach you how to access your server's database locally via an SSH tunnel. This allows you to open your database locally through a browser or client, without having to expose it publicly.

Domain Management on your Strato Server

In this tutorial, we'll explain how to add a new website to your Strato server, configure it in Apache, and set up HTTPS with Certbot. This guide assumes you have a working server with Apache and Certbot installed.