File System Security and Permissions

1 min read Web Security Fundamentals

File System Security and Permissions

Proper file permissions prevent unauthorized access and modifications. Set correct ownership and permissions for web server directories:

# Apache
sudo chown -R www-data:www-data /var/www
sudo find /var/www -type d -exec chmod 755 {} \;
sudo find /var/www -type f -exec chmod 644 {} \;

# Nginx
sudo chown -R www-data:www-data /usr/share/nginx/html
sudo find /usr/share/nginx/html -type d -exec chmod 755 {} \;
sudo find /usr/share/nginx/html -type f -exec chmod 644 {} \;

# Secure configuration files
sudo chown root:root /etc/apache2/apache2.conf
sudo chmod 644 /etc/apache2/apache2.conf
sudo chown root:root /etc/nginx/nginx.conf
sudo chmod 644 /etc/nginx/nginx.conf

Create separate directories for logs with appropriate permissions:

# Create secure log directories
sudo mkdir -p /var/log/apache2
sudo mkdir -p /var/log/nginx
sudo chown -R root:adm /var/log/apache2
sudo chown -R root:adm /var/log/nginx
sudo chmod 750 /var/log/apache2
sudo chmod 750 /var/log/nginx