Apache, Linux, Wordpress and Permissions - Server stuff!

Hi guys, it's my first post here! And already a question... :slight_smile:

I have a VPS in which my www/wordpress folder is owned byjohn and also is group-owned by apache. apache also is the webserver user. So, in httpd.conf the user and group name are apache, just to be clear.

Which permissions should I set in general to folders and files?

Folders = 755?
Files = 644?

The thing is, in some folders like the wp-content and some others, the permissions need to be 775, in order to let Apache create folders, and I'm afraid that this is a security issue. So my real question is:

Is this really a security issue, in my situation? Take in account that I'm using a VPS (Virtual Private Server) and there is no other user in my server.