Copying files and folders to /var/www/html - inherit permissions of ./html

I want to enforce web server security and maintain 750 for folders and 640 for files - even when copying, at all times, under all circumstances. So far, I've got this working quite well. This is what I did: sudo chown -R kilomike ./html (Set owner to my user, the sole user) sudo chgrp -R apache ./html (set group to apache so it can work) sudo chmod g+s ./html (set the group ID so new files/folders inherit the group) sudo setfacl -d -m g::rx ./html (only allow group to read and execute [should be safe, because file creation using touch and other methods doesn't set execute bit]) sudo setfacl -d -m o::- ./html (don't allow other group to even look at it) This works great for the most part. However, I just KNOW that when I copy a folder or file in to /var/www/html/* I'm going to forget to update its permissions. What I want is 750 for folders, 640 for files, which is what I attempted to do with setfacl. Despite the fact that technically I set it to 750 (group is r-x and other is ---), I think when I create a FILE it won't (hopefully) apply the execute bit for either the owner or group. This seems to be working, as per ls -l or getfacl. My problem is when I copy a folder that was created by some other user, or downloaded from the web, it will preserve the owner, group, and other permissions. I DON'T want that, as I want my /var/www/html folder to have the same permissions for EVERY file and folder inside it. Does anyone know how to do it? Is the best way to do it with an incron job (e.g. change on /var/www/html or any file/folder inside it, then "refresh" permissions for EVERYTHING), or is there a better way?