Welcome to Elgg!
You shouldn't set read/write permissions on the root installed folder for the server user (i.e. www-data, httpd etc) but only local users .
Usually we create another user without root permissions to change, read the root installed folder on his behalf.
chown -R developer:developer /var/www/elgg/
The exception is the data folder.
I also recommend you set chmod 444 on the settings.php file after you've made all the changes you want:
chmod 444 /var/www/elgg/elgg-config/settings.php
Thanks! This helps a lot!
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.