File permissions - 2022 (WordPress)
This article is an extension of Mappen, bestanden & rechten - 2021 (WordPress). The reason for this expansion: As of March 2022, I will no longer be the only one working on the relevant web servers
In the previous iteration of this permissions system, permissions were configured as follows:
- Apache: via group (www-data)
- Administrator: Via owner - That was me myself
- Others: No rights whatsoever.
Why this no longer works:
- An administrator has been added, who works under his own name. He does not have any access to folders or files
- The problem wouldn't be there, if he/she logs in with the same name as me - The situation on CloudWays servers.
Solutions - Long list
- All admins log in with the same account - Not a good idea, if only because of the GDPR and the importance of being able to trace actions to individuals
- Administrators are added to the group www-data
- Administrator rights are controlled via group and Apache rights via Others. Nothing is done with Owner
- When an administrator needs to work with an instance owned by the other administrator: First take ownership of all objects with
chown. Bit of overkill, but it's finally a solution
- Something with ACL?
- Settings or scripts that work with default settings for new objects?
- WordPress.org has this article about permissions. Maybe there's something interesting in there?
Add admins to www-data
I've added admins to this group - Will it really be so easy?