nginx + WordPress: Proper user/file permissions for SFTP + auto update?

Question

I used this guide to install nginx and WordPress on a Ubuntu VPS. The guide instructs you to set the owner of the /var/www directory to nginx:nginx. When I use SFTP, I log in with the name ubuntu, but this name doesn't have permission to write any of the files that nginx owns.

My question is... what would be the ideal way to do the following:

1. To grant user ubuntu proper permission to write to files in /var/www via SFTP
2. Keep nginx the owner of /var/www so WordPress can continue to auto-update files

Would it be as simple as adding ubuntu to the nginx group? My concern is security, and I'm wondering what would be the most secure way of accomplishing the above.

Answer 1

You can add new (or edit existed www.conf) php pool here /etc/php5/fpm/pool.d/*.conf to work with any user+group impersonation. For example.