Best practice for handling www root folder?

[juan]

Can i get an insight on what are the best practice for a secured public_html?

Currently I'm uploading a joomla website on a vps and these is what i planned to do:

• make a non-ssh user, 'user1'
• invite user1 to www-data group
• put the public_html on user1's home
• chown -R user1:ww-data /path/to/public_html

This has been what I've been doing since, but i'm still not sure if it's safe. Thanks!

 

[Melon]

I really don't know. I don't recommend this method, but this is what I do:

• adduser non-root-user www-data
• chmod 2775 /var/www
• chown root:www-data /var/www
• # Set HTTPd to use umask 0002
• # Only work in /var/www with umask 0002 at non-root-user

Not the way to do it, but I don't know much about this stuff! Would also like some input from someone with more experience!

 

[WebSearchingPro]

I would like to point out this is Debian/Ubuntu. Just in-case anyone stumbles upon this.