3. Set up directory ownership and permissions
Updated on February 14, 2026.
This page describes how to configure directory ownership and file permissions for a website located in the /var/www/example.com/html directory. The previous step was configuration of the virtual host.
An Apache HTTP server (Apache2) uses /var/www/html as the default directory for hosting a website. This directory is not located under the user's Home directory (/home/$USER/). Executing CLI (Command Line Interface) Bash commands in this folder requires preceding each command with sudo since the directory is owned by root.
For this and other reasons, some users prefer creating a local website directory under their home directory, for example, /home/$USER/example.com. However, this approach may result in "403 -Access Forbidden" errors. These errors occur because Apache applies restrictive security settings to the /home directory by default. Consequently, placing the website directory under /home/$USER/ is generally not recommended unless the appropriate permissions and Apache configuration adjustments are carefully applied.
3.1. Change the owner of the directory to $USER
By default, the /var/www/example.com/html directory is owned by root. To edit files in this directory without requiring elevated privileges each time, change the ownership from root to your user account by running the following command in a terminal:
sudo chown -R $USER:www-data /var/www/example.com/html
In Linux, every file and directory has both an owner and an associated group. This command sets $USER as the owner, and sets www-data as the group. On most Linux systems, www-data is the standard user and group in Apache web servers.
The "-R" option that follows the chown command specifies a recursive change of ownership of all files and subdirectories.
3.2. Set up permissions for directories (folders)
Prior to this task you may need to read an introduction to Linux permissions.
Set directory permissions to 755 (string notation rwxr-xr-x):
sudo find /var/www/example.com/html -type d -exec chmod 755 {} \;
755 (rwxr-xr-x) is an octal (base-8) value that defines the permissions for the owner (7), group (5), and others (5).
With directory permission set to 755:
- The owner can read (4), modify (2), and run the file (1). For directories, execute (x) means the ability to enter/access the directory.
- Group members can read (4) and run it (1), but not modify it.
- Everyone else can read (4) and run it (1), but not modify it.
This setting is standard for publicly readable and executable content while write access is available to the owner only.
3.3. Set up file permissions
Set file permissions to 644 (string notation -rw-r--r--):
sudo find /var/www/example.com/html -type f -exec chmod 644 {} \;
644 (rw-r--r--) defines the permissions for the owner (6), group (4), and others (4). It is a common permission setting for web files such as HTML, CSS, JavaScript, and images.
With the file access permission set to 644:
- The file owner (often you) can read (4) and modify (2) the file.
- The web server process (e.g., user www-data) can read (4) the file.
- Public users (via Apache) can read (4) the file but cannot modify it.