I was on a server (reseller account) that ran PHPSuexec and default permissions were 755/644 as they should be.
We moved to a new cPanel 11 server and default permissions are 775/664. This is the same on 4 different servers from 4 different hosting companies (all reseller accounts). Three are CentOS, one RedHat Enterprise.
I entered a support ticket for one company and they said the permissions were not right and supposedly fixed it (I have left that company since then so I can't check).
The other hosting companies say their umasks are right and would not change it.
Apparently the apache installation defaults to these permissions which, security wise, seems kinda strange.
Can anyone shed some light on whether or not this is secure and does this mean I'm going to have change permissions evertime I upload files to install shopping carts, billing software etc.? (It's not hard it's just stupid to have to).
Should my hosts change apache system umask (022) to make permissions default to 755/644?
I've installed the Plesk Panel onto a windows 2008 server. It's all good, web sites are flowing and I'm really happy with the software. The issue I'm having is a customer has an asp site with an access database. After I uploaded their site, they couldn't write to the database, so I had to manually go and set the permission on the database for the "Plesk IIS Anonymous Account (IUSR_xxx)" user to have modify access on the file.
So my question is this, how can I set up the default hosting account to already allow this and so I don't have to go an waste time tweaking the folders manually trying to find the right permissions?
Also, why is it the Plesk IIS Anonymous account that needed to have it's permissions tweaked and not the "Default Plesk application pool user (IWAM_plesk(default))" which is the user who's configured on the application pool in IIS? I can't see where the Plesk IIS Anon user is being used.
I am running Plesk 11.5.30 on CentOS and trying to change the default permissions of the /httpdocs folder and the skeleton site that is in .skel/0/httpdocs that appears when a domain is created. I have failed to find the event that I need to use to trigger the command.
just buy a vps, all fine, but can not move or delete file by ftp after file uploaded by ftp and unzip by ssh. support say i need to use chown to change user to ftp user. but there is not ftp user on ssh when chown /dirctory ftpuser
when I setup a server I don't really care about permissions, I do lot of nasty chmod 777 * and stuff to easily get away with permission issues, since I'm the only one with access anyway.
But for a server that may be used for webhosting, how do I go about setting permissions in home directories so that programs like apache/php can still read/write to the user's web data? I'm guessing I need to add the user apache to each user's group and chmod 770 but I'm not too sure how to go about that, or if that's even how I should do it.
Yesterday I upgrade to cPanel 11... I can perfectly login using WHM, but one of our customers can login using root, this is the error:
The server was configured to not permit you access to the specified resource. If you believe this is in error or inadvertent, please contact the system administrator and ask them to update the host access files.
I am in the process of setting up my server and have come to the stage where I am uploading my actual website scripts and files. I am a little confused however as to what permissions and file/directory ownership my website files should be set to.
My web root is set to 755 (rwx/r-x/r-x) with Owner as root, and Group as root. All files within the web root are set to 744 (rwx/r--/r--) with the owner and group the same as the web root. The permissions set allow php scripts to function but I am not sure if the group should be set to root on all these files, is this correct?
My site users have no ftp access if that makes any difference to ownership.
I tried installing webdav on my VPS, but I'm having problems. I added the module as a DSO. I'm able to connect to it fine (in multiple client (dreamweaver, cadaver)), however, when I try to upload, I'm not able to. Apache has permissions for that directory and for the lock file. However, I get a 403 Permission Denied error.
I'm using wsftp checking permissions in domain.net in this directory: /public_html/mambots/content/plugin_jw_sig
through wsftp i saw chmod 755 but when i try to delete this directory appears with 550 and i can't delete it
So i used File Manager tool in Cpanel, selected directory to erase it, seems like was done, but when i refresh page the directory it's still there, so i try to change permissions because apparently it has 755 but i can't do anything with it, so when i click button to change permission i got an error message [a fatal error or timeout occurred while processing this directive]
Then i go trough wsftp to check again and this directory it's still there
I just ran into a very odd problem with my server. I was checking out my banner links on other sites when I realized none of them were displaying. I quickly checked the folder I keep the image in and I got a forbidden access warning. I checked the folder from ftp and it said the permissions were set to 0, instead of 755 like they should be
I can't move, delete, view, or alter the folder in any way.
my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this?
I uploaded a joomla template and now need to edit the css file. But it says it is unwritable. Earlier, I had a problem editing an image. My host said, "Since these files were created the webserver, you didnt have ownership to change these files."
So perhaps the same happened with the css file? What do you think?
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.
Not sure if this is an Apache issue but I'm guessing it is. I also have cPanel on this server.
I made a PHP script and placed it on my server. This script has a function that will create a new file on the server, say a .txt file with information in it. When I go to do anything with that file that is created such as edit it, I get a permission denied from the server.
Someone guessed that it is possible that when the PHP file is creating a new file on the server, it automatically places its permissions under root/apache, making it inaccessible for the cPanel user... if this were the case how could I potentially solve this issue?