Hi,

After installing phplmyadmin and adding it with webapp-config to the
default vhost, located in /var/www/localhost/htdocs, I noticed that the
permissions from /var/www were root:root 0755.

This means that for example
/var/www/localhost/htdocs/phpmyadmin/config.default.php is readable by
world, and since this contain a password used to connect as the pma user
to MySQL, and is potentially dangerous.

So I made apache:apache the recursive owner of /var/www and also
chmodded it with -R 2700.

Is this the standard way or are there better ways?

Thanks,

Wimmy