Default CHMOD Settings?

[RogerLewin]

Hey,

what are the default CHMOD settings by Folder in SMF? I changed every folder to 777 due to a problems with a script and today i found folders named ".log" with thousands of files i never uploaded...

Roger

[Illori]

and these folders have what name? and the files in them have what name? if a server is correctly configured 777 is not a risk, but in some setups it can be. so 755 for folders can work and 644 for files. How do I chmod? / what is chmod?

[RogerLewin]

The files were named like women-giving-birth15344xx.htm and women-big-breasts8568xx.htm. The folders were named .log and where hidden

[Illori]

sounds like someone on your server was able to access your files, i would contact your host and let them know ASAP do not remove the files until your host has a chance to look at them. this is a MAJOR security issue.

[RogerLewin]

already did. The support specialist wasnt able to track the source of the files...  :-/

I now changed everything to 755, only the tp-downloads (Which comes from TinyPortal) to 777

[Illori]

then remove the files that were added and keep a close watch on your files and do a backup of your files and database often. dont be surprised if it happens again and you need to find a new host.

[RogerLewin]

well, the host is one of the biggest in germany, i don't think, it was their fault (hosteurope)

Backup is running... thanks

[Illori]

just because they are large does not mean they are good at security.... which it seems like they are not given what you have said above.

[RogerLewin]

another note: i found 4 php files named alyssa.php, twister.php, vampires.php and boldhead.php referencing the now deleted files in the logs. i also deletes thoses files

119.63.196.119 - - [02/Jul/2011:12:59:49 +0200] "GET /alyssa.php?q=renekton-outback&page=2 HTTP/1.1" 200 43069 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html [nofollow])" "administratum.de"

The folders containing those files are now also set to 755