General Community > Scripting Help

Forum just showing white screen

<< < (3/3)

ChalkCat:

--- Quote from: Arantor on May 06, 2012, 02:12:37 PM ---Make sure all your files are not writable, use 644 permissions for files and 755 for folders - you can set that from Admin > Packages > Options.

--- End quote ---

Thanks, I've just looked in there but I can't see how to select those settings.  I plumped for the "Use predefined permission profile: Restricted - minimum files writable" but looking in my FTP nearly everything is now set to 755 whether file or folder, with a few 705s and a few 604s - how do I change it all to what you said without changing them manually through my FileZilla one by one?

Apologies if I have my dumb blonde head on, but it is Sunday....  :P

Arantor:
I thought you could set it via the admin panel (though restricted would work)... having files be 755 isn't really a problem and neither is 705/604, the key point generally is that the second and third digits aren't 6 or 7.

Though even that isn't necessarily safe, where you have files added during mod installs - that's actually still a security risk because it's still writable by the webserver itself (and thus vulnerable however you slice it)

Joey Smith™:
You also have to bear in mind that the host themselves often times force this issue themselves with incorrectly configured servers that require 0777. Especially after a user starts installing mods that edit files, since they could then become owned by the webserver and then require 0777 if the account user is to edit their own files or change the permissions back to a sane value.

MrPhil:
If you can figure out how to run a "shell script" on your server (e.g., 1-shot cron job or SSH access), you could change all permissions to 755 (directories) and 644 (files), or even 555 and 444. Certain directories such as attachments and avatars may have to be left writable (755 or 775 or even ! 777). When you want to make some change (mod install, update, etc.), run another script to change all directories and files to writable (by SMF via PHP), make your changes/uploads, and run the original script to restore permissions to read-only.

On a Linux system, a "readonly" script might go something like (assuming the forum is in public_html/forum/, and 775 is necessary for SMF to write to a directory):

--- Code: ---#!/bin/ksh
# convert all directories to read-only
find forum -type -d -exec chmod 555 {} \;
# specific directories make read-write by PHP
chmod 775 forum/attachments
chmod 775 forum/avatars
# convert all files to read-only
find forum -type f -exec chmod 444 {} \;
# no files to change back to read-write in normal operation (best to leave Settings.php R/O)

--- End code ---

To change back to read-write by owner and SMF, "readwrite" would be something like

--- Code: ---#!/bin/ksh
# convert all directories to read-write
find forum -type -d -exec chmod 775 {} \;
# convert all files to read-write
find forum -type f -exec chmod 664 {} \;

--- End code ---

Back up your forum before experimenting with this! I'm doing the "find" command from memory, and I haven't used -exec for a while, so you'll probably want to look that up and confirm it.

Navigation

[0] Message Index

[*] Previous page