I recently had to enable ACL on the partition where the web roots are located and ran into an issue. The issue is that the "web" directory is created with a default acl as follows: # file: webXXX/web # owner: YYY # group: ZZZ user::rwx group::--x other::--x default:user::rwx default:group::--x defaultther::--x The default ACL is group 'x' but no read. This prevents apache from loading any content from the web sites. Also the same ACL is present in the /var/lib/php5-fpm directory (where the sockets are located). This prevents php5-fpm from running. I can easily fix this by hand on current sites. if I change the ACL and the ownership of the files to 641, apache can read, others cannot do anything and owner can read/write (i.e. php). However I'm a little puzzled on why this is happening on this server. And I also think that the problem will present itself on new created sites. Is this a bug or am I missing something or am I wrong ? Any hints are appreciated. Thank you.