Question posted in 
Magento officially recommends to set the permission of all folders to 700 and of files to 600. (Source)
They instruct us to execute these commands to set the permissions:
find . -type d -exec chmod 700 {} ;
find . -type f -exec chmod 600 {} ;
However, now I get 403 forbidden when I try to access the site.
Should I change it to 766 (folders) and 666 (files) instead?
2
Answers
It depends very much on the configuration of your system.
When you are setting all permissions with the command of your question, executed as root, you are allowing only the root user to access these files.
The permission mask reads as follows:
So a permission mask of
600with a root ownership wouldn’t let the webserver’s user (or php process’ user) to read or access those files.The first step would be to find out ther user that’s running your webserver (Apache, Nginx, or whatever you are using), and the user assigned to your php process (in case you are using something like php-fpm).
If you are on an Ubuntu system, more likely than not that user is
www-data. But you should make sure, since the details are configuration dependent.Assuming the user you got is
www-data, you go to the directory where you were runnig thechmodand change all the files so they are owned by this user:Later you apply the permissions from your question, and it should work.
Note: This is probably not how I would set up an installation, security wise, but that is beyond the scope of the question.
You should change the ownership like this:
Also set magento required permission to files and folder
Hope these help.