PHP Permissions (file Owner)
I have setup an ftp user which can upload files to /home/ftp/upload and obviously it assigns the ftp user as the owner when it uploads. Now, I want PHP to be able to rename those files, but getting a permission denied, presumably because apache aint the owner or doesnt have permission to do that, so how do I grant it the right permission(s)?
View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
Php.ini And .htaccess File Permissions
I'm on a shared FreeBSD server, running Apache with Drupal, and vBulletin. I had to create a local php.ini file in my public_html folder for Drupal, and another in my forum folder for vBulletin. Now my question is, what should I set the permissions of these files to? Also, what should I set .htaccess permissions to as well? I'd like to keep them invisible to the public. But, I don't want any problems with Drupal, or vBulletin ether. I'm used to using Linux and I know how permissions work on a desktop. I just don't know what they do when used on a server. I'm guessing 640, but I'd like to make sure before I change anything.
View Replies!
View Related
Directory Owner/permissions
I currently have a WHM/CPANEL VPS and will be running a content managment system that is licensed to manage any domain on the same server. The CMS essentially builds static webpages for all domains that it manages. The CMS is written in perl and is installed in CGI directory of the " master domain". I wish to use the CMS in this master domain to control the other domains on the server. Each of the other domains has its own public_html directory and own CPANEL. Right now, I have to make the public_html directory of my other websites "world writeable" before I build its pages using the CMS. I want to get away from that. I wish to set up permissions to 755 on each of the public_html directories and still be able to write to those other sites from my master domain's CMS.
View Replies!
View Related
File Permissions
my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this?
View Replies!
View Related
File Permissions In Windows
I'm transferring websites from Linux to Windows. My scrips are writing uploaded photos to the server's hard disk drive. In Linux, I've set up right permissions to the folder: allow write files, php user as the owner of the folder. After I've transferred everything to Windows Server 2008 server, I've removed "read only" atribute from folders and files, but PHP scripts still can't write new files or change old files. I wonder what should I do to fix it? Set PHP user as the owner (as in Linux)? If yes, how can I do it?
View Replies!
View Related
Folder - File Permissions
Server: Centos 4.5/cPanel v11/php5 - SSH Maybe someone can set me straight on this. I have always been under the impression, that under normal circumstances, permissions should usually be as follows: userdir - 711 public_html - 750 folders - 755 files - 644 I am doing some work on a server and when I create a new folder (using WinSCP) it defaults the folder permissions to 775 and file permissions to 664. Besides causing possible problems with the applications I'm installing, isn't this a bit of a security risk? Also, if I upload a tar and untar on the server it sets the same 775/664 permissions.
View Replies!
View Related
FTP + File Permissions For Client
I have set up a ftp server for my clients to upload files. I have setup 2 users, client and administrator. When a client logs he uploads his files to a folder called upload_files. But he cannot view files in that folder. If I log in as administrator I can see all the files and folders. But I can only delete files uploaded to the upload_files folder. If the client uploads a folder with files into it, then I cannot delete it since the folder owner is client. Ex: /upload_files/image.jpg Can Delete /upload_files/new_folder/image.jpg Can't Delete
View Replies!
View Related
Preserving File Permissions While Copying
a way to preserve folder/file permissions in a windows environment. We are copying files from one drive to another on one of our servers. It's crucial to preserve the permissions - but i've done some research and can't find any way to get this done... Anybody familiar with any methods on how to approach this? We're running windows 2003 server.
View Replies!
View Related
File Manager And WordPress Permissions
I just purchased my first hosting package in 10 years. Things have changed quite a bit and I'm unsure about some of the permissions settings. My new account is with Host Gator. I could really use some help. I'm going to use WordPress for the first time. I'd like to harden down my Linux server on Host Gator as much as possible. I'd also like to harden the WordPress permissions as much as possible. I've read a fair amount about and have a little experience in setting read, write, and execute permissions plus some other security experience. My main concerns are to strike the balance between hardening down enough without making it so WordPress can't access whatever it needs to access. I also have "Hot Linking" to consider. Not sure if that will make it difficult for WordPress to do it's thing. Did I say that clearly enough?
View Replies!
View Related
File Permissions On Shared Host
I recently opened a shared hosting account with a new host. Can someone advise on file/folder permissions I can set which will keep my shared host neighbors out? While accessing my account via FTP I noticed I could freely view and download files from other users folders - their PHP, HTML, images, you name it! I would like to be more private with my files which include PHP scripts, images, etc. I already contacted the help desk with my host and the tech said shared access between accounts is normal (even FTP) and if I restricted permissions then my PHP wouldn't work for Internet users. I'm not buying it. I should be able to set the permissions such that Internet users can execute the PHP and view images, without my account neighbors using FTP to download my files.
View Replies!
View Related
CGI Security And File Permissions
I am planning to use CGI for my web installations and there appears to be a whole lot of conflicting info about setting file permissions in the user's folder. What are the permissions actually required for reading and writing into the web users directory? A lot of them say 755, but that doesn't make sense as it gives any user read and write permissions to the whole web directory tree. Other than the initial index .php, .cgi or some other files that need to be ready by the webserver process shouldn't every other file be 700 or 600 as every subsequent file access is done under the control of the cgi program? Unless a file is to be served directly by the web server process and is not in a ScriptAlias directory or is not marked as a CGI shouldn't the permissions on that file be 600 or 700? I'd also like to know if there are some guides as to how the CGI security issues operate.
View Replies!
View Related
File Permissions On WIndows Server 2003
i am more a linux guy than windows, but recently i have to switch to windows. In my FTP program I logged in one of my domains and tried to edit file permissions for a folder but in my windows filezilla server it game me 504 command not implemented for that parameter error message. I read a little and learned that windows dos not support posix. How can a change the file permissions on windows machine?
View Replies!
View Related
How To Change Permissions Of A Read Only File System
I have a dedicated server and till few days back i was able to edit my files fine but this morning when i am trying to edit any file, it gives me back this error: [user@domainname theme]$ chmod 777 header.php chmod: changing permissions of `header.php': Read-only file system [user@domainname theme]$ [root@domainname theme]$ chmod 777 directoryy chmod: changing permissions of `directoryy': Read-only file system [root@domainname theme]$ I tried both as normal user and root and same results. Do you think the hosting guys changed the permissions of the file system or something?
View Replies!
View Related
File And Directory Permissions Is Driving Me Crazy
Until recently i had never used a Linux server, as i used to have a windows server. I now have a Linux VPS I am now at my wits end with file permission problems I use Joomla a lot for my websites, and i also develop and program many modules and components for it, but at the moment every time i upload a module (which is a zip file with php files that is put onto the server in the right place via php) it sets the ownership to "nobody" rather than the username so i cant access it via ftp, as it says you don't have permission or the file may not exist. Is there anyway the server can be set so it will by default set the file to have an owner name that will allow ftp access to it without me having to learn SSH Putty (which is all i have done today) or contacting my hosting company every time? I am spending more of my time with these permission problems than doing my work, it driving me barmy!
View Replies!
View Related
Getting Errors Due To File Permissions. What Config Is Required
I have placed a Content Management System on an Apache server using Cpanel and when I try to install I get messages about folders and files needing permission changes, then after installation some modules won't work because of wrong permissions. The solution to make everything work is to set all folders and files to 0777 but then that would just open up to insecurity. Also I can't set files to 0444 using an FTP client. It can only be done via Cpanel's file manager. I install the same CMS on another hosting service with the same Apache/Cpanel config and it does not require any CHMOD. The app installs without errors and functions correctly with folders at 0755 and files at 0644. It seems most shared hosting nowadays work as the latter statement so what could be the cause why the other hosting server require all the permission changes?
View Replies!
View Related
PHP Scripting And Permissions On Unix
I currently have a script with code below that works great when the permissions on the dbconnect.php file are 755. The problem with this is that anyone on the web can see this config file which contains passwords DOH! If I change it to 751, then it tells me "cannot connect". The user and group on both the page and this script are the same. With apache, i use the setting to store http and https files in the same directory. Any ideas how to make this a little more secure? Changing the permission to 751 would do the trick but then it breaks the script. I don't understand why the script would be running taking "other" permissions into account...it should be running with "user" permissions instead. it might even have something to do with who the apache executable is running as... <?php include("../../../cgi-bin/dbconnect.php"); // Connect to server and select database. mysql_connect("$databasehost", "$dbuser", "$dbpword")or die("cannot connect"); mysql_select_db("$dbname")or die("cannot select DB");
View Replies!
View Related
Links Files In Linux (file.txt For File.php)
Today I found some cstomer on the servers make a link for named it file.txt and link it to other customer php file. so that customer have the ability to show the other custoer file content when visiting the url because it is a text wile originally it is a php file. the php file was a config file, so now he know the database password , and because he is in the same server he can use that databse. the question , how to avoide this prolem in the future? notes , the SuExec is rnning and the open_basedir protection is enabled, but the problem still exists.
View Replies!
View Related
Strange PHP File On My VPS. (oxb.php)
I found a strange PHP file in a strange folder on a VPS I am using to host a few sites. I've looked through the logs but can't figure out how it got there and I've look at the code and can't make any sense of it. Can somebody take a look at the code and tell me what they think of it: .....
View Replies!
View Related
PHP File Upload
I think I messed php config and I can't upload anything with php now Dir is chmoded on 777 and File_Uploads = On in php.ini I'm running lsphp5 with suhosin, when I try to import db via phpmyadmin I get error: Uploading is not allowed and when I try to upload some file via php script I can't
View Replies!
View Related
Php File Corruption
I have a Linux VPS with Liquidweb which is working fine except for one problem: On one domain I have a shopping cart (a highly modded CubeCart). A number of the files are encrypted php files (part of the extensive mods). For several weeks all will work fine, then out of the blue, the cart will stop working because a number of the encrypted files have become corrupt. The result is either a totally blank page or a 'checksum error'. Uploading the files from a local backup fixes things for another few days or weeks. I have no idea why this is happening, or what triggers it, so if anyone can point me in the right direction to find out what is behind the problem, I would greatly appreciate it. The server uses PHP 5.2.x
View Replies!
View Related
Cron: How To Run Php File
My server with cPanel, I'd like run file http://domain.com/file.php at 0h00 everyday, I have set the Cron Job in cPanel : Code: 0 0 * * * /usr/bin/ehpwget http://domain.com/file.php but The cron is not working well Code: /bin/sh: /usr/bin/ehpwget: No such file or directory Can any one please let me know how to run a php file with cron. (as user or root)
View Replies!
View Related
[php] <defunct> - What File Generating That ?
On my server, i have one user ho create load on my server. user 29508 22.0 0.0 0 0 ? Z 15:18 0:00 [php] <defunct> That user has more site added with addons from cpanel. How can I found witch site is generating that high load ? Also some time, I have php index.php ( and that don't help me very much ) The server run php as cgi module.
View Replies!
View Related
PHP File Change String
I currently have this code in my Image Upload script which changes the file name into sets of numbers and letters Quote: $new_file_name = "uploads/" . md5($_FILES['selector']['name'] . time()) . "." . $extension; How can i make it so its smaller than an md5, about 6 or 7 numbers and letters.
View Replies!
View Related
Mod_rewrite - Changing Paths In The Php File?
I am using mod_rewrite to create "pretty" urls but some of my files contain paths such as this: <img src="images/blah.jpg"> Meaning if the user visits a page where the file does not physically exist then it won't work. I want to know if it is possible to pick this up and rewrite the path. I.e.: change: <img src="images/blah.jpg"> to: <img src="../images/blah.jpg"> or <img src="../../images/blah.jpg"> As I don't want to create physical files with relative urls for every trunk of my url. For example: www.mydomain.com/directory/directory/directory/ Would need 3 different files in three different directories to display properly.
View Replies!
View Related
Prevent PHP Files Used For File Uploading
It appears that some people like to take advantage of those files for online web applications such as Wordpress which have php files with permissions set to 777. They use those as a means of creating an upload file. The upload files that they create then have access to the whole server somehow... Is there anyway of preventing this from happening?
View Replies!
View Related
Chmod Choices With Php Writing To A File
My account has been hacked with every index.php page defaced. I've cleaned up and my shared wehost is pointing at me saying there shouldn't be any 777 permissions for any files in there. I used 777 to allow php to add records in a txt file and in an xml file. Is there a better / more secure chmod code I can use? Those are the only two instances where I need php to write to a file and those files shouldn't be served to anyone, I do not want anyone to be able to access them. How can I secure them while letting php write in them?
View Replies!
View Related
Strip Whitespace From Each Line Of PHP File
I have a load of PHP files that need trimming down, so for example Code: <html> <?php $loads_of_stuff = 1231231; ?> </html> change to Code: <html> <?php $loads_of_stuff = 1231231; ?> </html> There are 000's of lines, so some awk command or something similiar would be great to execute on each file.
View Replies!
View Related
How To Prevent People Upload Unwanted .php File
I have a 777 cmod folder open. It needed to be writable so that legitimate users can upload their picture. However, i do not want people to upload .php or .php.pjepg etc to the server. There are times that they do not use the form in my site to upload the php file. How can they do that? via perl command? And how to prevent such thing from happending?
View Replies!
View Related
Owner 99
I have a problem in my server I have some files uploaded by uplaod center set owner = 99 not account user I have open_basdir effect and safe mode on
View Replies!
View Related
How To Secure Your Php.ini File Safe Mode ; Disable_functions ; Etc
what are the most important issues for secure php.ini file like when you turn your SAFE_MODE ON or OFF? or please who every read this topic to post his important disable_functions in php.ini ... and if some functions disable to post it ... let's make this subject for the most important issues for secure your php.ini from script-kids as we can ... here i have some important question's for anyone has or controlling a server ; vps .... #0x01 ; what the most important disable_functions for the php.ini? #0x02 ; is the safe_mode should be enabled? or disable? and this depend on what exacly? #0x03 ; what the functions or any trick to control the nobody ( attacker on the server or shell ) FROOZ .... didn't move ? or make any command in the server ... #0x04 ; i saw in some secure server ( as they say ) they changed the Server : discribe to them name[s] like Server : SECURE BY US .COM OR SECURE SERVER .. uname -a : Linux secure.secure.com 2.6.9-023stab040.1 #1 Mon Jan 15 23:24:32 MSK 2007 i686 athlon i386 GNU/Linux sysctl : linux 2.6.9-023stab040.1 Server : SECURE BY US ! < [THIS WHAT I MEAN HOW COULD WE CHANGE IT IN PHP.ini ?] id : uid=99(nobody) gid=99(nobody) groups=99(nobody) <[how can we cannot make this nobody to have the host id ! everyhost in the server should have his own name and php.ini ?] pwd : /home/host/public_html/ #0x05 ; how can we hide the uname -a on the shell [ the attacker upload it to our customer site !] #0x06 ; how can we hide the sysctl to view to anyone like [ attacker ] ... #0x07 ; how can we rewrite on he Server Type the display for our secure message?Server : SECURE BY US ! #0x08 ; how can we give evey site and customer his php.ini file in his public_html? and how can we give him [ JUST HIS PERMISSION TO HIS SITES FOLDER AND NOT OTHER PATHS AND PERMISSION!] these question every one had a server ; vps , need to know and secure his box from other ... and anyone would like to publish any new [secure or not] idea please let us know what you would like to say ....
View Replies!
View Related
Simpleish PHP/flat Files - Create File, Edit, Save
Display some text in a web browser from a file called text.txt text.txt will have many lines and some of them I do not want users to be able to modify and overwrite. config_item_1=user can edit config_item_2=user should see but not edit (could be on any line) config_item_3=user can edit config_item_4=user can edit The user has made their changes in the web browser and clicks submit. I then need this info to be saved as the text.txt file however some checking needs to be done first. Anything matching config_item_2 should be removed. This could be on any line. Anything not matching should be permitted and added.
View Replies!
View Related
32004 Owner Process
Whats following process (owner: 32004) 18689 32004 0 1.6 0.1 /usr/local/cpanel/3rdparty/bin/php-cgi -c /usr/local/cpanel/3rdparty/etc/phpmyadmin /usr/local/cpanel/base/3rdparty/phpMyAdmin/index.php
View Replies!
View Related
How To Check If Company DC Owner Or Not
Do you know Utropicmedia.net has own datacenter? They seem start offering colocation service And there are lots of features included. Is it possible to provide without DC? I'm wondering if they bought DC or they own it for long time or still rent? How to check that?
View Replies!
View Related
First Time VPS Owner
I'm currently renting a VPS, fingers crossed everything is running just fine. A Question i go for you is, Im Looking at upgrading the mysql on the VPS, as im looking at installing xcache xcache.lighttpd.net/wiki/Release-1.2.0 Would you say this is a good idea or not, as i've heard that xcache can reduce server loads ? If you think it is a good idea could you point me in the direction of how to upgrade my mysql, can this be done via WHM?
View Replies!
View Related
Rsync Owner/groups
I've tried just about everything to preserve owner/group using rsync. I've tried running rsync as a daemon, etc.. I user rsync to backup /etc /home etc.. when restoring data I have to change the owner/group for everything this is very time consuming!
View Replies!
View Related
Chown Not Changing Owner:group
I have just restored an account to my directadmin box and it appears to have restored with the wrong owner / group. Easy I thought, a quick 'chmod secure.secure -R *' should crack that but how wrong was I. After running that I get the error: chown: invalid option -- o Now - both the user and the group exist, so why won't the files change owner and group?
View Replies!
View Related
Owner: What Is Your TOS Regarding Unlimited Features
After my bad experience regarding unlimited features on this link: [url] I tried to search some of webhosting provider tos regarding their unlimited bandwidth and space. Here one of the tos: (sorry, I hide the name).Unmetered Bandwidth Policy The purpose of the ********* unmetered bandwidth policy is to assure owners of standard operating web sites and small businesses that they will not be surprise billed for bandwidth usage. It is one less thing someone will need to worry about while hosting their web site at *********. The ********* unmetered bandwidth policy does not cover certain web sites. These include the following: * Web Portals/Communities/Forums - Any sites that have members and/or forums. * Online Gaming - Includes online casinos and single/multiplayer online games. * Image Galleries - Includes eBay or other online auction image dumps. * Downloads - Any site that prompts for a download or has large applets. * Audio/Video - Any streaming content, web-cams or audio/video downloads. * Chat - Includes PHP and Java chat rooms. CGI-based chat is not allowed on our servers. If you are planning on using our servers to host one of these sites, ********* will allow for 50 GBs of transfer per month. You will be billed $10.00/10 GBs/mo thereafter. All other accounts for personal and small business are allowed unmetered bandwidth. If you adhere to our Terms and Conditions of Use Policy and run a standard web site, you will be covered under the unmetered bandwidth policy. (99.9% of all ********* hosted web sites currently qualify for their unmetered bandwidth usage.) Accounts that do not follow our Terms and Conditions of Use policy are classified as metered bandwidth accounts and will be billed accordingly. Unmetered Web Space Policy ********* customers are privileged to be offered unmetered web space for their sites on certain plans. ********* will start you out with 1000 MBs of space. Once you approach 90% of its use, simply request additional space from Support. ********* will then add another 1000 MBs of space, free of charge. You can continue this process until you no longer require additional space. The intent of ********* is to provide a large amount of web space to serve web documents, not an off site storage area for electronic files or a backup of your PC. Ninety Percent (90%) of your web pages (html, etc.) must be linked with files (.GIF, .JPEG, etc.) stored within your space, hosted on a ********* server. Web sites that are found to contain either/or no html documents, a large number of unlinked files, will not be offered any additional web space under our Unmetered Web Space Policy. Read the tos carefully, it can be tricky right? So if your the owner of webhosting provider that give unlimited bandwidth and space.. what is your TOS?
View Replies!
View Related
Migrating Cpanel Account To Its Owner
I am getting problem while migrating cpanel a/c to its owener I am using master reseller a/c and once I lost control over few cpanel a/c when the my Hosting firm migrate to another IP address. Now I want to get back to these cpanel a/c in major a/c But it failed..is there another method to get back...
View Replies!
View Related
Proc List Only Shows "/usr/bin/php" - No More File Names
We use cpanel on our centos servers and we've updated our servers recently using easyapache to the latest php4 and mod_suphp and I've noticed that in top (running "top c" in shell) all php processes by any user are simply displayed as "/usr/bin/php" Before this update the processes also showed the file name eg. "/usr/bin/php lamescript.php" which allowed to easily find troublesome scripts ... but now there's no way of knowing what the script in question is that's eating up 100% of the cpu .. or is there?
View Replies!
View Related
|
TRACKER
