chmod folders or files after install?
chmod -R ug+rwX config files updates packages
But I was wondering, should I change the permissions (CHMOD) on these folders *after* I install for security purposes?
For example, with Wordpress I might make my config file 777 to install, but after installation I change it to 644 or even 444.
- /files (+ all its subfolders)
- /packages (+ all its subfolders)
- /updates (+ all its subfolders)
Some add-ons also require other folders, such as Designer Content which requires write access to /blocks. Also, some add-ons might be changing your configuration in /config folder.
Then if you want to do compare, you should have execute access to this file for your web server process:
Antti / Mainio
CHMOD -R ug+rw folders packages config blocks updates .htaccess
i.e. users and groups can read, write, but not execute?
chmod ug+x concrete/libraries/3rdparty/htmldiff.py
And these work only if the folders are owned by the web process user or the web process user belongs to the owner group of these folders because you're using "ug".
I found if I make the files folder anything other than 777 I can't upload or delete files...is there anything less permissive I can set it to?
Like, if I try to remove read-write-execute for others on files
chmod o-rwx files
I seem to have to add back "read", "write" and "execute" for files otherwise I can't upload or delete files from the files manager.
chown -R your_own_user:web_server_user_group .
That will change ownership so that the group that your web server process belongs to (usually it has the exactly same name) to those files/dirs.
For "u" to access those, the user needs to own those files, and for "g" to access those, the group needs to own those files.
If you check with:
You can see the current owner user before the ":" character and current owner group after the ":" character. I suppose your web server process user is neither of those.