Forums

"Default" permissions on a server

Permalink
So I uploaded my site then stupidly changed the permissions to 755 recursively.

Now I'm afraid that it opens up the site to attacks.

What are the default permissions? I know that config and files need 755 or 777 (which one?), but what about the other folders and files? Sadly no information was found in the forum.

I used WinSCP to change the permissions (via Rightclick>Properties)

I'm a total noob to server permissions, so please be gentle.


Can somebody help me?


Thanks in advance,

Daniel
 
CygnetMidwest replied on at Permalink Reply
CygnetMidwest
This is taken directly from this page:
http://www.concrete5.org/documentation/installation/file-directory-...

Check out the page for some other info.
- - - - - - - - - - - -
/files/ and all items within (both files and directories) should be set to be readable and writable by the web server. That can be accomplished in the following ways, from best to worst:

If your server supports running as suexec/phpsuexec, the files should be owned by your user account, and set as 755 on all of them. That means that your web server process can do anything it likes to them, but nothing else can (although everyone can view them, which is expected.)
If 1 isn't possible, another good option is to set the apache user (either "apache" or "nobody") as having full rights to these files
If neither 1 or 2 are possible, chmod 777 to files/ and all items within (e.g. chmod -R 777 file/*)

This must include the cache_objects directory, or you're going to get all kinds of strange behavior with your site.
- - - - - - - - - - - -
Also, some other helpful discussions:

http://www.concrete5.org/community/forums/installation/what-permiss...

http://www.concrete5.org/community/forums/installation/permissions1...
gd42 replied on at Permalink Reply 1 Attachment
Thank you for your reply.

So I have this window (see attachment). How do I know if I own these files?

So I may try and give the folders you listed 0755, but what about the others?

Should I change them to something like 0700 - which seems to be that only the Owner can Read, Write and Execute (I suppose that's what the X means)?
CygnetMidwest replied on at Permalink Best Answer Reply
CygnetMidwest
The X under each column means that that group has access to that permission level. So, in your screen cap, the Owner (you) has Read, Write, and Execute permissions. Since you have Write access, you are the owner. Group has Read and Execute. Everyone else (Others) has Read and Execute.

You don't want to set it so that only the Owner has Read Write Execute. That would lock out your site from the public.

The R column should be checked for all so that anyone can view the site. Standard permissions for a static web site for the root level folder is 644 usually. (public_html is the root level of your site I'm assuming)

Some of the directories within the Concerete5 install need 755. Such as files and packages. If you're going to have a relatively static site though, not much more should need 755.

You may want to check out this post, as it has some more helpful info:
http://www.concrete5.org/community/forums/installation/are-c5-files...