777 Permissions/osCommerce - Dedicated Box
Apr 3, 2007
I'm running a site on a dedicated box, with no other user accounts. In order to get some of the features for my osCommerce site to work, I have to have a few files/directories set to 777 permissions.
It's my understanding that anyone who gains user access to the server would then be able to write/edit those files and directories, yes? It does not, however, mean that average joe web surfer has rights on them, correct?
So, assuming I keep up to date on security patches, lock the server down as well as possible, and keep my account as the only one on the server, is there any major security issue with leaving those 777 permissions?
I'd hate to close them off, as it would kill some REALLY helpful features, but security is important.
View 11 Replies
ADVERTISEMENT
Sep 24, 2007
I want an Oscommerce based store and would like to know what are the best options for hosting Oscommerce? May be Godaddy or yahoo or any other? Kindly guide me in making this decision in the light of your experiences.
View 6 Replies
View Related
May 20, 2008
to sign up for a Linux based VPS (I guess I prefer XEN) to host an OS Commerce (OSC) store with 360,000 items in the catalog. I will host my pictures elsewhere, so my main concern is performance in regards to database (which is MySQL) performance when people browse and especially search the catalog.
I think I need hence a VPS with at least 1024MB dedicated RAM, a good CPU share, but only very little storage space (again, the server will basically only contain the database and the necessary OSC PHP files, nothing else)
a) Does anybody have experience with hosting what is essentially a DB server on a VPS and can give me some setup hits regarding memory allocation, server resource allocation, PHP configuration, Apache configuration etc. when using a VPS for this purpose?
b) Does anybody know about a provider which offers a relatively high memory allocation (at least 1024MB, burstable to double that) for a price of not more than US$50.00 / month?
Well, I would like to have a couple of other things, but they are not THAT important, just to mention them:
- cPanel/WHM included,
- four (4) or more IPs included
View 13 Replies
View Related
Sep 26, 2008
Do they do a good job of supporting OSCommerce? I want to customize stuff using OSCommerce for my site. Let me know from those who have used OSCommerce with Cirtex hosting.
View 4 Replies
View Related
Jun 5, 2009
Atom N330 with 2G RAM,
is it powerful enough for vBulletin or osCommerce 500 users online?
View 8 Replies
View Related
Jun 3, 2009
I'm trying to get FTP working on a FreeBSD 7.1 box running ProFTPd.
The service runs but the issue is that the users cannot write to their home dirs. The server returns a 550 error.
Previously ProFTPd ran as user and group of "www" but I changed it to "nobody", which did not change anything.
I'm sure the issue is that of the home dirs for the users being owned by the users themselves and the service account not having access to write in that directory.
I'm not sure what is best to do here. Do I lift permissions so everyone can write to the home dirs? or is there a better way?
View 6 Replies
View Related
Jun 2, 2009
Let me start off with saying: I haven't had any suspicious activity, nor do I think I was compromised.
I logged in as root, and was simply clicking around my dedicated server and came across a few folders with permissions at 777. ALL are above /public_html
Irregardless, is this safe? I recall reading a bunch of topics on here, that /tmp needs to be hardened. Isn't this also above /public_html?
For one example:
/var/tmp is chmod to 077
..inside is a bunch of sess_ files
Is this folder open to hacking?
View 14 Replies
View Related
May 5, 2009
just buy a vps, all fine, but can not move or delete file by ftp after file uploaded by ftp and unzip by ssh. support say i need to use chown to change user to ftp user. but there is not ftp user on ssh when chown /dirctory ftpuser
View 4 Replies
View Related
Jan 19, 2007
when I setup a server I don't really care about permissions, I do lot of nasty chmod 777 * and stuff to easily get away with permission issues, since I'm the only one with access anyway.
But for a server that may be used for webhosting, how do I go about setting permissions in home directories so that programs like apache/php can still read/write to the user's web data? I'm guessing I need to add the user apache to each user's group and chmod 770 but I'm not too sure how to go about that, or if that's even how I should do it.
View 0 Replies
View Related
Mar 27, 2008
how permissions work in IIS in basic english
I spent ages trying to get a crm system working on my server and it only worked without errors when I changed the anonymous user privileges to "change" instead of "read".
Now this is meant to be insecure right? But my question is.... what exactly can go wrong with this configuration? In what ways is it insecure?
Also... correct me if I'm wrong but do:
- Web server permissions: only affect what scripts can run locally etc... and
- User / file level permissions: Protect against anonomous access changes from the net?
View 3 Replies
View Related
Jul 4, 2007
I have installed openvpn on the machine but i am having issues. I had to create /dev/net/tun manually and get permission errors on the device. I installed the openvpn rpm from [url].
on service startup i get the following log
Jul 4 22:03:09 gizmo openvpn[9517]: Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Jul 4 22:03:09 gizmo openvpn[9517]: Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Jul 4 22:03:09 gizmo openvpn[9517]: Cannot allocate TUN/TAP dev dynamically
Jul 4 22:03:09 gizmo openvpn[9517]: Exiting
i installed from an rpm package on my cent0s 4 virtual machine, i followed the tutorial here, but to summarise after installing:
yum install openvpn -y
#Now check that it works
service openvpn start
#service fails - reason permission error on /dev/net/tun
running ifconfig i do not get a TUN/TAP device listed, im guessing as i haave never used vps before but i presume if all was working well i would get an additional interface listed alongside vnet0?
i have asked my vps provider to check i have TUN access, however in the meantime i would like to check there is nothing fishy with my setup?
View 1 Replies
View Related
Jul 24, 2007
Running LAMP, CentOS and webmin.
I've created a user and group for FTPing to a new domain. Problem is that when using Filezilla I get 'critical transfer error' after uploading files.
I have no problem with doing uploads as root, so this would appear to be permission problems.
So my question is, what do I need to do with the ftp user / or group in order to give appropriate permissions to place files under the public_html directory? Either through SSH or via Webmin...
View 2 Replies
View Related
May 29, 2007
I have some folders and files which simply won't let me upload, rewrite, rename, change permissions etc. Any action I try to perform on them simply gives me an error such as
550 Could not change perms on /public_html/foldername: Operation not permitted
The current permissions seem fine (755) and cpanel's file manager isn't having any luck either.
It's for a zen-cart site
Machine is running Cent OS with the following;
cPanel Version 11.2.17-CURRENT
cPanel Build 12566
Theme x3
Apache version 1.3.37 (Unix)
PHP version 4.4.6
MySQL version 4.1.22-standard
Architecture i686
Operating system Linux
View 11 Replies
View Related
Nov 17, 2007
while am installing some software wordpress plugins [ podpress ]
i have some problem in /tmp permission to the site owner!
how can we handle this problem so i can have a permission in my tmp folder
i try to chmod the tmp to 777 from the SSH root ... but the problem didn't solve ...
View 14 Replies
View Related
Jun 7, 2007
Yesterday I upgrade to cPanel 11... I can perfectly login using WHM, but one of our customers can login using root, this is the error:
Access Denied
The server was configured to not permit you access to the specified resource. If you believe this is in error or inadvertent, please contact the system administrator and ask them to update the host access files.
Where should I specify WHM login permissions?
Thanks.
View 4 Replies
View Related
May 19, 2009
I need to run my PHP application locally on my XP Pro machine with IIS. Part of my application requires creating files, how do I set write permissions on folders like you can with windows server?
Is this possible with XP pro
View 3 Replies
View Related
Aug 27, 2009
I am in the process of setting up my server and have come to the stage where I am uploading my actual website scripts and files. I am a little confused however as to what permissions and file/directory ownership my website files should be set to.
My web root is set to 755 (rwx/r-x/r-x) with Owner as root, and Group as root. All files within the web root are set to 744 (rwx/r--/r--) with the owner and group the same as the web root. The permissions set allow php scripts to function but I am not sure if the group should be set to root on all these files, is this correct?
My site users have no ftp access if that makes any difference to ownership.
View 4 Replies
View Related
Mar 18, 2008
In trying to setup a cronjob on a new server I notice that cPanel tells me that usr/bin/crontab permissions are wrong and that they need to be changed to 4755.
When I log in to the server with WinSCP and attempt to change the permissions it just doesn't do it ... it looks like it's doing it, no errors, but it just leaves it the same!
View 4 Replies
View Related
Mar 10, 2008
I tried installing webdav on my VPS, but I'm having problems. I added the module as a DSO. I'm able to connect to it fine (in multiple client (dreamweaver, cadaver)), however, when I try to upload, I'm not able to. Apache has permissions for that directory and for the lock file. However, I get a 403 Permission Denied error.
View 1 Replies
View Related
Feb 6, 2007
I'm using wsftp checking permissions in domain.net in this directory:
/public_html/mambots/content/plugin_jw_sig
through wsftp i saw chmod 755 but when i try to delete this directory appears with 550 and i can't delete it
So i used File Manager tool in Cpanel, selected directory to erase it, seems like was done, but when i refresh page the directory it's still there, so i try to change permissions because apparently it has 755 but i can't do anything with it, so when i click button to change permission i got an error message [a fatal error or timeout occurred while processing this directive]
Then i go trough wsftp to check again and this directory it's still there
View 4 Replies
View Related
Jul 12, 2007
I've created a new site on an IIS server. And when I try to access it, I get a window authentication window.
Seems I've had this happen before and it was a problem with IUSR permissions or password?
View 1 Replies
View Related
May 24, 2007
This is what you get when you go to this one site on the server in your browser:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
This is a site in a reseller's account. The reseller had suspended it for non-payment. The account owner paid their fees, and the reseller unsuspended it. But now the site can't be reached.
I chowned and chmodded the account, but that didn't fix it.
View 3 Replies
View Related
Nov 11, 2007
I was on a server (reseller account) that ran PHPSuexec and default permissions were 755/644 as they should be.
We moved to a new cPanel 11 server and default permissions are 775/664. This is the same on 4 different servers from 4 different hosting companies (all reseller accounts). Three are CentOS, one RedHat Enterprise.
I entered a support ticket for one company and they said the permissions were not right and supposedly fixed it (I have left that company since then so I can't check).
The other hosting companies say their umasks are right and would not change it.
Apparently the apache installation defaults to these permissions which, security wise, seems kinda strange.
Can anyone shed some light on whether or not this is secure and does this mean I'm going to have change permissions evertime I upload files to install shopping carts, billing software etc.? (It's not hard it's just stupid to have to).
Should my hosts change apache system umask (022) to make permissions default to 755/644?
View 2 Replies
View Related
Dec 21, 2007
I'm migrating between two IIS servers using the migration tool.
Is there a way to copy of user permissions? Or at least see all the permissions from the original server?
View 7 Replies
View Related
Jan 16, 2007
I just ran into a very odd problem with my server. I was checking out my banner links on other sites when I realized none of them were displaying. I quickly checked the folder I keep the image in and I got a forbidden access warning. I checked the folder from ftp and it said the permissions were set to 0, instead of 755 like they should be
I can't move, delete, view, or alter the folder in any way.
View 1 Replies
View Related
Dec 29, 2007
my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this?
View 3 Replies
View Related
Jun 26, 2007
I uploaded a joomla template and now need to edit the css file. But it says it is unwritable. Earlier, I had a problem editing an image. My host said, "Since these files were created the webserver, you didnt have ownership to change these files."
So perhaps the same happened with the css file? What do you think?
View 3 Replies
View Related
Apr 8, 2009
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.
View 0 Replies
View Related
Jun 10, 2009
Not sure if this is an Apache issue but I'm guessing it is. I also have cPanel on this server.
I made a PHP script and placed it on my server. This script has a function that will create a new file on the server, say a .txt file with information in it. When I go to do anything with that file that is created such as edit it, I get a permission denied from the server.
For example, FTP returns:
"Response: 550 Rename/move failure: Permission denied. "
Someone guessed that it is possible that when the PHP file is creating a new file on the server, it automatically places its permissions under root/apache, making it inaccessible for the cPanel user... if this were the case how could I potentially solve this issue?
View 5 Replies
View Related
Jul 22, 2009
How to secure /tmp folder on cpanel server with Centos?
what is permissions?
View 11 Replies
View Related
May 24, 2009
I have set up a ftp server for my clients to upload files.
I have setup 2 users, client and administrator.
When a client logs he uploads his files to a folder called upload_files.
But he cannot view files in that folder.
If I log in as administrator I can see all the files and folders.
But I can only delete files uploaded to the upload_files folder.
If the client uploads a folder with files into it, then I cannot delete it since the folder owner is client.
Ex:
/upload_files/image.jpg Can Delete
/upload_files/new_folder/image.jpg Can't Delete
View 6 Replies
View Related
