After years of using chmod 777 to solve PHP write permission woes, I want to know the proper way of solving the problem.
I have a website on my server owned by user1 in group user1. There is a folder in this website called uploads.
Normally to get writing with PHP to work, I have to chmod this folder to 777. But I obviously recognise this is dangerous and incorrect, and I want to set up the permissions properly to minimise risk.
From my limited knowledge, I see two options,
- I chown the uploads folder so that it's owned by apache. This way, I can just use the default permissions and apache can happily write to the folder.
- I add a second group to apache of user1. I then give write permission to the owner and group on uploads, which should allow apache to write to uploads?
My question is, what is the best approach? Is it one of the above or something completely different?
If the best solution is #1, how can user1 also write to uploads over SFTP as that solution will not let them?
In my current company, we set the apache group to the group that owns the folder, so you just need to do chmod 770 on the folder to give permissions to that particular group to do funny stuff on that folder.
However, you still need to remember to protect your application from malicious users, as the PHP script being run, if sufficiently insecure, can still do damage to the folder.
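The group-based setup from the answer above, as an added shell example that is not part of the original thread: it lists what a legacy 777 tree still exposes, then replaces world access with owner and group access. The function names and the constructed sample tree are assumptions, and the setgid bit (2770 rather than the answer's 770) is an addition so that new files inherit the folder's group.

```shell
#!/bin/sh
# Added example, not from the original thread. Assumes (as in the answer) that
# an administrator has already put the web server account in the group that
# owns the folder, e.g. as root: usermod -aG user1 apache

# List entries under $1 that every local account can write to (the 777 legacy).
list_world_writable() {
    find "$1" ! -type l -perm -0002
}

# Swap world access for owner+group access on the tree rooted at $1.
harden_uploads() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    # Directories: rwx for owner and group, nothing for others. The leading 2
    # (setgid) makes new files inherit the directory's group, so files created
    # by the web server and files uploaded by the owner over SFTP share a group.
    find "$dir" -type d -exec chmod 2770 {} +
    # Regular files: rw for owner and group, no execute bit, nothing for others.
    find "$dir" -type f -exec chmod 0660 {} +
}

# Constructed sample tree that mimics an uploads folder left at 777.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/uploads/avatars"
    echo "constructed sample" > "$root/uploads/avatars/a.png"
    chmod 777 "$root/uploads" "$root/uploads/avatars" "$root/uploads/avatars/a.png"
    echo "$root/uploads"
}

# Run with --demo to see the before/after on the constructed tree.
if [ "${1:-}" = "--demo" ]; then
    up=$(make_sample_tree)
    echo "world-writable before:"; list_world_writable "$up"
    harden_uploads "$up"
    echo "world-writable after:";  list_world_writable "$up"
    ls -lR "$up"
fi
```

Whether group members can then modify each other's new files also depends on the umask of the PHP and SFTP processes, which this script does not change.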