Important Security Question

Mary · 2008-04-03 06:42:35

…even SFTP (right!)…

Wha? Yikes.

MattD · 2008-04-03 07:00:54

I installed LAMP on my ubuntu machine and I have to give the directory 777 permissions to get rid of the warning in diagnostics. How do I fix this?

ruud · 2008-04-03 11:39:17

Matt, if you’re the only user (i assume this is your own home computer), then the risk is much less compared to when you’re on a shared webhost.

But if you want to change this, you could either configure Apache to run under your own username or use something like suphp or fastcgi to make the PHP scripts run onder your username…. or you could “chown” all the files to the same user as the one that your webserver currently runs as (often www-data or nobody).

MattD · 2008-04-03 15:44:48

Thank you, I figure if I know how to do it then I’ll be more prepared to argue with them.

AndrijaM · 2008-10-02 09:51:10

I read everything said here, but I didnt notice this question:

I’m on a shared hosting, and txp complains when images, files and tmp folders are anything less then 777. But when I set them on 755, in diagnostics txp said not writable, but my site still works.

I contacted my host, and they cant do anything about.

I cant upload images and files through txp, but I can do it manualy through ftp.

That leaves the tmp folder. What does not writable here means to txp? Becouse everything works fine, as far as I can see.

So can I actualy set all on 755 and let txp complain?

Last edited by AndrijaM (2008-10-02 11:44:22)

ruud · 2008-10-02 17:06:15

What happens if you set it to 775?
I suspect that your website is setup to use your own username to create files/directories when you use FTP, but when using a script, that script is executed under a different username. This is why 777 works. 775 might work. I’d wonder how safe 777/775 is in a shared hosting environment…

AndrijaM · 2008-10-02 17:20:19

Ah, its not safe at all, I understand that :)

775 does not work neither.

But, what about if I set 755 even if txp doesnt like it? My site seems to work fine, whole day now.

ruud · 2008-10-02 17:58:53

If you don’t mind using FTP to upload files/images, sure, that’s not a problem for TXP… just a bit more work for you.

AndrijaM · 2008-10-02 18:19:44

Thats great! Than I dont have to change hosting company!

Only what about textpattern/tmp folder, is it safe if it is not writable?

ruud · 2008-10-02 18:37:31

It’s used for uploading files/images… but since you’re not using that it’s not a problem.

AndrijaM · 2008-10-02 18:46:51

Thanks a lot!

Textpattern CMS

Textpattern CMS support forum

#46 2008-04-03 06:42:35

Re: Important Security Question

#47 2008-04-03 07:00:54

Re: Important Security Question

#48 2008-04-03 11:39:17

Re: Important Security Question

#49 2008-04-03 15:44:48

Re: Important Security Question

#50 2008-10-02 09:51:10

Re: Important Security Question

#51 2008-10-02 17:06:15

Re: Important Security Question

#52 2008-10-02 17:20:19

Re: Important Security Question

#53 2008-10-02 17:58:53

Re: Important Security Question

#54 2008-10-02 18:19:44

Re: Important Security Question

#55 2008-10-02 18:37:31

Re: Important Security Question

#56 2008-10-02 18:46:51

Re: Important Security Question

Board footer