3. Set up directory ownership and permissions
Updated on December 20, 2025.
This page describes setting up directory ownership and file permissions to operate a website located in the /var/www/example.com/html directory. The previous step was configuration of the virtual host.
Apache2 server uses /var/www/html as the default directory for hosting a website. This directory is not under the user Home directory (/home/$USER/), and running Bash commands in it requires preceding each command with sudo as root.
For this and other reasons, some users prefer to setup the localhost directory under the home directory, for example, /home/$USER/example.com. However, this option may lead to "403 -Access Forbidden" errors, preventing display of pages as a result of Apache's security restrictions on /home directory. Therefore, setting the default directory under /home/$USER/ is not recommended.
3.1. Change the owner of the directory to $USER
The default owner of the /var/www/example.com/html directory is root. To edit pages in the directory, change the owner from root to your user name by entering the following command in a terminal:
sudo chown -R $USER:www-data /var/www/example.com/html
In Linux, each file has an owner and a group. This command sets $USER as the owner, and sets www-data as the group. In Linux, www-data is a standard name used for user and group in web servers.
The "-R" option that follows chown command specifies recursive change of ownership of all files and subdirectories.
3.2. Set up permissions for directories (folders)
Prior to this task you may need to read an introduction to Linux permissions.
Set directory permissions to 755 (string notation rwxr-xr-x):
sudo find /var/www/example.com/html -type d -exec chmod 755 {} \;
755 (rwxr-xr-x) is an octal (base-8) value that defines the permissions for the owner (7), group (5), and others (5).
With directory permission set to 755:
- The owner can read (4), modify (2), and run the file (1). For directories, execute (x) means the ability to enter/access the directory.
- Group members can read (4) and run it (1), but not modify it.
- Everyone else can read (4) and run it (1), but not modify it.
This setting is standard for publicly readable and executable content while write access is available to the owner only.
3.3. Set up file permissions
Set file permissions to 644 (string notation -rw-r--r--):
sudo find /var/www/example.com/html -type f -exec chmod 644 {} \;
644 (rw-r--r--) defines the permissions for the owner (6), group (4), and others (4). It is a common permission setting for web files such as HTML, CSS, JavaScript, and images.
With the file access permission set to 644:
- The file owner (often you) can read (4) and modify (2) the file.
- The web server process (e.g., user www-data) can read (4) the file.
- Public users (via Apache) can read (4) the file but cannot modify it.