WordPress Security, Part 2: Files Protection

  1. The first step in securing your WordPress website is to set proper file permissions. Wrong file permissions can easily lead to hackers gaining access to your website. So after you first install WordPress, no matter what method you used, you must check those permissions and set them properly.

    When you first install WordPress, you can do it manually or use an install script of the kind usually offered by shared hosting companies. In my experience, those scripts usually do a good job of setting at least the initial permissions on all files and folders. However, that may not always be the case, and you can end up with problems.

    The main issue is to allow WordPress to access the files and folders it needs in order to work properly, while at the same time not setting permissions so loose that they can be exploited. To change file permissions, Linux uses the chmod command. Permissions for files and folders are represented by three values controlling access for the file owner, for the owner's group and for everyone else (world). Each of these controls three rights: read, write and execute. There are different ways to display file permissions; the most common is to use three numbers: the first for the owner, the second for the group and the third for the world. File systems and file permissions can be very complex, and more information on how it all works can be found at the URLs at the bottom of this article.

    Since we are talking about the file system on your server, the users and groups referred to here have nothing to do with WordPress. The user or owner is your account on the server, not in WordPress.
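As an added example (not part of the original article), the shell functions below decode a three-digit mode into owner, group and world rights, using the standard encoding where read is 4, write is 2 and execute is 1, and list anything under a directory that every account on the server can write to. The function names, file names and modes in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode three-digit modes and find world-writable entries.

# Translate one octal digit (0-7) into its read/write/execute flags.
decode_digit() {
    d=$1; out=
    if [ $(( $d & 4 )) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $(( $d & 2 )) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ $(( $d & 1 )) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    printf '%s' "$out"
}

# Translate a mode such as 640 into flags for owner, group and world.
decode_mode() {
    mode=$1
    case $mode in
        [0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $mode" >&2; return 1 ;;
    esac
    o=${mode%??}; rest=${mode#?}; g=${rest%?}; w=${mode#??}
    printf 'owner=%s group=%s world=%s\n' \
        "$(decode_digit "$o")" "$(decode_digit "$g")" "$(decode_digit "$w")"
}

# List files and folders under DIR that everyone (world) may write to.
# Symlinks are skipped because their own mode bits are not meaningful.
find_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Constructed demo tree: one file that is too loose, one that is not.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/uploads"
    : > "$root/wp-config.php"; : > "$root/index.php"
    chmod 666 "$root/wp-config.php"   # sample value: world can write
    chmod 644 "$root/index.php"       # sample value: only owner can write
    chmod 755 "$root/uploads"
    decode_mode 666
    decode_mode 644
    echo "world-writable entries:"
    find_world_writable "$root"
    rm -rf "$root"
}
demo
```

On a real install, point find_world_writable at the WordPress directory instead of the temporary demo tree.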


