When assigning permissions, directories are set to 755 and files to 644 to avoid global write permissions and increase security. Files and folders are changed from the user "apache" to the FTP user to prevent permission issues. Using FastCGI allows working with only one user. It is recommended not to set files to global (777) permissions anymore to ensure security. More information on protecting data from manipulation can be found in the linked article about FastCGI.
When assigning permissions, we generally perform two steps:
- Assign permissions for globally shared directories to 755 and files to 644.
- Change ownership of files and folders from the user "apache" to your FTP user.
By assigning permissions this way, your data is no longer globally writable, which increases security. With the switch to FastCGI, only one user—the FTP user—is used, thus avoiding permission issues. Please make sure that you no longer set files to global (777) permissions in the future, as this is no longer necessary and security is thereby maintained.
To protect your data from manipulation, please proceed as described in the article FastCGI: Protecting Web Data from Manipulation.