Whoops, I left all my web directories and file with access rights of 777 !

Started by aegersz, February 16, 2018, 04:53:11 PM

Previous topic - Next topic

aegersz

I keep forgetting that i left all my files with 777 when i didn't know about ownership and took such shortcuts when building my forum.

with 777 everything worked well ... i did a little bit of searching and found
Why chmod 777 is NOT a security risk


I also found recommendation to set folders to 755 and files to 644.

I just wanted to get your opinions on the latest thinking and advice, please.
The configuration of my Linux VPS (SMF 2.0 with 160+ mods & some assorted manual tweaks) can be found here and notes on my mods can be found here (warning: those links will take you to a drug related forum). My (House) music DJ dedication page is here

Sir Osis of Liver

Some servers will block access to 777 for security reasons, 755/644 is recommended and works well on most server configurations.
Ashes and diamonds, foe and friend,
 we were all equal in the end.

                                     - R. Waters

Aleksi "Lex" Kilpinen

Generally keeping the permissions as low as you can without breaking anything is a good idea when you have no way to control or even know how your server is setup. But, the file permissions in themselves don't really create a risk, and they don't leave your site open for attacks or anything.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

aegersz

The configuration of my Linux VPS (SMF 2.0 with 160+ mods & some assorted manual tweaks) can be found here and notes on my mods can be found here (warning: those links will take you to a drug related forum). My (House) music DJ dedication page is here

Advertisement: