Secure permission structure for server blocks?

- - stadtpirat11 at
Mon Sep 9 09:22:50 UTC 2013

Hello everybody,

I am trying to wrap my head around this for weeks now. What is the most secure way to organise the permissions of the web root directories (WRD) for several server blocks. Especially when you have PHP applications like Wordpress that download and create files in the WRD? Latter makes it difficult to control the file's owner, group and permissions.

For as "secure" is the following in my understanding: Hijacked websites (e.g. injections in Wordpress) must not be able to read or write do any other directory outside it's own WRD! I am open for more security tips, but the main topic is about directory permission structure.

I haven't found any solution to my problem in the web, yet.

Thank you


More information about the nginx mailing list