Set permissions Apache and user ubuntu

Many of the things we have accomplished when configuring our VPS server is done as the user “root”. This is a obstacle to Apache webserver, WordPress and the tools we use to manage the server. We need to give Apache the required permissions to work correctly.

We want to be able to control the server with tools like an SSH client, SFTP client, WP-CLI, and WordShell. We will need to give the VPS user “ubuntu” the required access to the files and folders that constitute WordPress.

Short version:

Change the permission on /var/www/ and all subfolder with the following command:

sudo chown -R ubuntu /var/www/ && sudo chown -R www-data /var/www/ && sudo chgrp -R www-data /var/www/ && sudo find /var/www/ -type f -exec chmod 644 {} \; && sudo find /var/www/ -type d -exec chmod 755 {} \; && sudo chown www-data:www-data -R /var/www/ && sudo usermod -aG www-data ubuntu && sudo chmod -R g+w /var/www/

Change ownership and delegate access

To verify that the permissions are correct:

cd /var/www/MyDomain1.com

Then issue the command:

sudo ls -l /var/www/MyDomain1.com

Both the user and group should be “www-data“. If this is not the case, then here is how to correct this:

Set the right permissions on files and folders

The Apache web server needs permission to run WordPress.
Change the owner of the files with this command:

sudo chown -R www-data /var/www/MyDomain1.com

moreover, alter the group with this command:

sudo chgrp -R www-data /var/www/MyDomain1.com

Set all files to 644 with this command

sudo find /var/www/MyDomain1.com/ -type f -exec chmod 644 {} \;

Set all folders to 755 with this:

sudo find /var/www/MyDomain1.com/ -type d -exec chmod 755 {} \;

The WordPress configuration file wp-config.php needs extra protection with the 660 rights

sudo chmod 660 /var/www/MyDomain1.com/wp-config.php

Apache needs access both as a group and a user.

sudo chown www-data:www-data -R /var/www/MyDomain1.com/

Get access with SFTP, WP-CLI, and WordShell

The user ubuntu needs to access the websites directory tree and home folder with the admin tools SFTP, SSH, WP-CLI, and WordShell.
This command adds the user ubuntu to the group www-data:

sudo usermod -aG www-data ubuntu

and

sudo chmod -R g+w /var/www/MyDomain1.com

If needed restart SSHD or the VPS server to make sure that the permission has taken effect.
To reset the SSHD server

sudo systemctl restart sshd.service

To reset the Apache server

sudo service apache2 restart

Or restart the VPS server:

sudo restart now

Chaining the commands together

When you are setting up many sites try chaining together the commands using

&&

This will run all the commands one-by-one. If something goes wrong. The process will stop with an error message.

sudo chown -R www-data /var/www/html/ && sudo chgrp -R www-data /var/www/html/ && sudo find /var/www/html/ -type f -exec chmod 644 {} \; && sudo find /var/www/html/ -type d -exec chmod 755 {} \; && sudo chown www-data:www-data -R /var/www/html/ && sudo usermod -aG www-data ubuntu && sudo chmod -R g+w /var/www/html/ && sudo chmod 660 /var/www/html/wp-config.php

To make sure that the changes take effect. Restart apache and the SSHD server:

sudo systemctl restart sshd.service

sudo service apache2 restart

Chaining commands are faster than running all these commands once at a time:

sudo chown -R www-data /var/www/html

sudo chgrp -R www-data /var/www/html

sudo find /var/www/html -type f -exec chmod 644 {} \;

sudo find /var/www/html -type d -exec chmod 755 {} \;

sudo chown www-data:www-data -R /var/www/html/

sudo usermod -aG www-data ubuntu

sudo chmod -R g+w /var/www/html

When you have many VPS servers

WordPress JeOS servers are budget friendly. Instead of running the heavy load on a single server, it could be wise to distribute your WordPress sites to several EC2 VPS servers.
Use your SSH client and log in to MyServer1.com, MyServer3.com, and MyServer2.com and verify that the user “ubuntu” has the rights to perform actions on all your websites on all of your VPS servers.

When you want to WordShell to administer many VPS servers you need to configure SSH as described here:
Setting up SSH to work with WordShell

After this, you would be ready to administer all your WordPress sites on all of your VPS servers with WordShell, WP-CLI, SFTP and SSH from your mobile, tablet, Windows, Mac or whatever you choose as your favorite tools.