diff --git a/advanced/Templates/pihole-FTL-prestart.sh b/advanced/Templates/pihole-FTL-prestart.sh
index abeaabc4..c6817828 100755
--- a/advanced/Templates/pihole-FTL-prestart.sh
+++ b/advanced/Templates/pihole-FTL-prestart.sh
@@ -16,6 +16,10 @@ chown -R pihole:pihole /etc/pihole /var/log/pihole
 chmod -R 0640 /var/log/pihole
 chmod -R 0660 /etc/pihole
 
+# Logrotate config file need to be owned by root and must not be writable by group and others
+chown root:root /etc/pihole/logrotate
+chmod 0644 /etc/pihole/logrotate
+
 # allow all users to enter the directories
 chmod 0755 /etc/pihole /var/log/pihole
 
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index ac516415..4d656283 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1483,7 +1483,8 @@ installLogrotate() {
         return 2
     fi
     # Copy the file over from the local repo
-    install -o pihole -g pihole -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate ${target}
+    # Logrotate config file must be owned by root and not writable by group or other
+    install -o root -g root -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate ${target}
     # Different operating systems have different user / group
     # settings for logrotate that makes it impossible to create
     # a static logrotate file that will work with e.g.