Chmod data folder on shared-host?

Hey I do not want to open my server to other people. May I ask what chmod every folder needs to have in order to stay secure? I’m asking especially for the data folder where my stuff is.

Does it need 750 or 755? and how about the other folder?

750 is alright.
Just be aware that
chmod 750 /var/www/nextcloud/*
would also effect files.

What you can safely do is run the following two commands for your nextcloud installation folder:

find /path/to/nextcloud/ -type d -print0 | xargs -0 chmod 750
find /path/to/nextcloud/ -type f -print0 | xargs -0 chmod 640

First command is for all folders, second for all files.
Please make really sure, that you enter the correct path. Entering just find / -type f ... (=root) for example could break your whole server.

You can run these commands then also for your nc data directory:

find /path/to/nc-data/ -type d -print0 | xargs -0 chmod 750
find /path/to/nc-data/ -type f -print0 | xargs -0 chmod 640

If you’re not sure what you are doing please double check or ask back.

Thanks for you answer. It has 755, is this fine as well?

Now it has 770. It does change from time to time.

well…

are 755 and 770 fine? :frowning: I’m on a shared-hosting service.

770 is also fine, as long as the group is the user’s group or root and not a group were may other users belong to. So say
drwxrwx--- www-data:www-data foldername
That’s alright.

If it’s
drwxrwx--- www-data:spygroup foldername

then it’s not that good :wink:

I don’t know much about shared hosting, but that the permissions change “randomly” sounds very strange to me. Maybe some jobs that run daily to “correct” unwanted permissions.