I was always curious what is the best practice for production web pages ran by Apache2 and PHP of folder ownerships and permissions.
Lets say /srv/www/my-web
is a public folder accessed via http.
How the ownership and permissions should be set to be as restrictive as possible?
My example would be:
drwxr-xr-x my-user:www-data /srv/www/my-web
-rw-r--r-- my-user:www-data /srv/www/my-web/index.php
drwxrwxr-x my-user:www-data /srv/www/my-web/cache
-rw-rw-r-- my-user:www-data /srv/www/my-web/auto-generated-file.php