diff --git a/scripts/install b/scripts/install
index 6fd3eef..03cc8dc 100644
--- a/scripts/install
+++ b/scripts/install
@@ -131,7 +131,9 @@ fi
 chown -R $app: "$final_path"
 # Home directory of the user needs to be owned by root to allow
 # SFTP connections
-chown root:$app "$final_path"
+chown root:root "$final_path"
+setfacl -m g:$app:r-x "$final_path"
+setfacl -m g:www-data:r-x "$final_path"
 chmod o-rwx "$final_path"
 
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index b626768..5824cb5 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -91,9 +91,11 @@ ynh_restore_file --origin_path="$final_path"
 
 # Restore permissions on app files
 chown -R $app: "$final_path"
-# Home directory of the user need to be owned by root to allow
+# Home directory of the user needs to be owned by root to allow
 # SFTP connections
-chown root:$app "$final_path"
+chown root:root "$final_path"
+setfacl -m g:$app:r-x "$final_path"
+setfacl -m g:www-data:r-x "$final_path"
 chmod o-rwx "$final_path"
 
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index b02ba33..7ba3989 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -192,7 +192,9 @@ fi
 chown -R $app: "$final_path"
 # Home directory of the user needs to be owned by root to allow
 # SFTP connections
-chown root:$app "$final_path"
+chown root:root "$final_path"
+setfacl -m g:$app:r-x "$final_path"
+setfacl -m g:www-data:r-x "$final_path"
 chmod o-rwx "$final_path"
 
 #=================================================