diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index e6bf23d..0823683 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@@ -14,6 +14,9 @@ spec:
       labels:
         {{- include "wordpress-nginx.selectorLabels" . | nindent 8 }}
     spec:
+      securityContext:
+        fsGroup: 82
+        fsGroupChangePolicy: "OnRootMismatch"
       initContainers:
         - name: wordpress-init
           image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
@@ -22,12 +25,19 @@ spec:
           args:
             - |
               if [ ! -f /var/www/html/wp-config.php ]; then
-                cp -r /usr/src/wordpress/* /var/www/html/
-                chown -R www-data:www-data /var/www/html
+                echo "Initializing WordPress files..."
+                cp -rp /usr/src/wordpress/* /var/www/html/ 2>/dev/null || true
+                echo "WordPress files copied successfully"
+              else
+                echo "WordPress already initialized"
               fi
           volumeMounts:
             - name: wordpress-data
               mountPath: /var/www/html
+          securityContext:
+            runAsUser: 82
+            runAsGroup: 82
+            fsGroup: 82
       containers:
         - name: nginx
           image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}"
@@ -53,6 +63,9 @@ spec:
         - name: wordpress
           image: "{{ .Values.image.wordpress.registry }}/{{ .Values.image.wordpress.repository }}:{{ .Values.image.wordpress.tag }}"
           imagePullPolicy: {{ .Values.image.wordpress.pullPolicy }}
+          securityContext:
+            runAsUser: 82
+            runAsGroup: 82
           env:
             - name: WORDPRESS_DB_HOST
               value: {{ .Values.wordpress.dbHost | quote }}