Hi I'm trying to understand what is the absolutely the correct files and folder permissions under Linux/apache?
750 for folders
660 for files?
Also is there other security tweaks that is recommended on a fresh install of owncloud?
Thanks a bunch!
PowerQuest.
There is a documentation available here:
Thank you very much!!
644 on htaccess? Why not a lower number like 404 or 400? (just curious)
Cheers!
Why do you want to block read access to a file where the content is already known and available at e.g. the owncloud installation archive? 
Had missed this question previously. There is also a ownCloud specific documentation for this available at [1]. Additional hardening can be done on Webserver, PHP and Operating System level where you should find some generic guides on the net.
[1] https://doc.owncloud.org/server/latest/admin_manual/configuration_server/harden_server.html
Awersome, thanks a bunch! 
Because of your own security tweaks maybe?
I done a few "hat tracks" on it... 
Cheers! 