when I setup a server I don't really care about permissions, I do lot of nasty chmod 777 * and stuff to easily get away with permission issues, since I'm the only one with access anyway.
But for a server that may be used for webhosting, how do I go about setting permissions in home directories so that programs like apache/php can still read/write to the user's web data? I'm guessing I need to add the user apache to each user's group and chmod 770 but I'm not too sure how to go about that, or if that's even how I should do it.
just buy a vps, all fine, but can not move or delete file by ftp after file uploaded by ftp and unzip by ssh. support say i need to use chown to change user to ftp user. but there is not ftp user on ssh when chown /dirctory ftpuser
Yesterday I upgrade to cPanel 11... I can perfectly login using WHM, but one of our customers can login using root, this is the error:
The server was configured to not permit you access to the specified resource. If you believe this is in error or inadvertent, please contact the system administrator and ask them to update the host access files.
I am in the process of setting up my server and have come to the stage where I am uploading my actual website scripts and files. I am a little confused however as to what permissions and file/directory ownership my website files should be set to.
My web root is set to 755 (rwx/r-x/r-x) with Owner as root, and Group as root. All files within the web root are set to 744 (rwx/r--/r--) with the owner and group the same as the web root. The permissions set allow php scripts to function but I am not sure if the group should be set to root on all these files, is this correct?
My site users have no ftp access if that makes any difference to ownership.
I tried installing webdav on my VPS, but I'm having problems. I added the module as a DSO. I'm able to connect to it fine (in multiple client (dreamweaver, cadaver)), however, when I try to upload, I'm not able to. Apache has permissions for that directory and for the lock file. However, I get a 403 Permission Denied error.
I'm using wsftp checking permissions in domain.net in this directory: /public_html/mambots/content/plugin_jw_sig
through wsftp i saw chmod 755 but when i try to delete this directory appears with 550 and i can't delete it
So i used File Manager tool in Cpanel, selected directory to erase it, seems like was done, but when i refresh page the directory it's still there, so i try to change permissions because apparently it has 755 but i can't do anything with it, so when i click button to change permission i got an error message [a fatal error or timeout occurred while processing this directive]
Then i go trough wsftp to check again and this directory it's still there
I was on a server (reseller account) that ran PHPSuexec and default permissions were 755/644 as they should be.
We moved to a new cPanel 11 server and default permissions are 775/664. This is the same on 4 different servers from 4 different hosting companies (all reseller accounts). Three are CentOS, one RedHat Enterprise.
I entered a support ticket for one company and they said the permissions were not right and supposedly fixed it (I have left that company since then so I can't check).
The other hosting companies say their umasks are right and would not change it.
Apparently the apache installation defaults to these permissions which, security wise, seems kinda strange.
Can anyone shed some light on whether or not this is secure and does this mean I'm going to have change permissions evertime I upload files to install shopping carts, billing software etc.? (It's not hard it's just stupid to have to).
Should my hosts change apache system umask (022) to make permissions default to 755/644?
I just ran into a very odd problem with my server. I was checking out my banner links on other sites when I realized none of them were displaying. I quickly checked the folder I keep the image in and I got a forbidden access warning. I checked the folder from ftp and it said the permissions were set to 0, instead of 755 like they should be
I can't move, delete, view, or alter the folder in any way.
my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this?
I uploaded a joomla template and now need to edit the css file. But it says it is unwritable. Earlier, I had a problem editing an image. My host said, "Since these files were created the webserver, you didnt have ownership to change these files."
So perhaps the same happened with the css file? What do you think?
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.
Not sure if this is an Apache issue but I'm guessing it is. I also have cPanel on this server.
I made a PHP script and placed it on my server. This script has a function that will create a new file on the server, say a .txt file with information in it. When I go to do anything with that file that is created such as edit it, I get a permission denied from the server.
Someone guessed that it is possible that when the PHP file is creating a new file on the server, it automatically places its permissions under root/apache, making it inaccessible for the cPanel user... if this were the case how could I potentially solve this issue?
I own a dedicated server and have installed plesk on it. With the domain, plesk creates an FTP account to use for that domain. When you use that user/pass it only allows access to the
Code: /var/www/vhosts/mydomain/ directory, which is fine.
Now the problem is that the account has very limited permissions. It didn't let me write to any of the folders unless I chmodded them to '777', and now doesn't let me overwrite any files unless I login as root and chmod the individual files to '777'. How can I set this accounts permissions to allow full writing, and reading for everything it has access to? I don't want everything to have full permissions for obvious reasons.
I have an issue I've never seen before, and hope someone here can shed some light on this odd problem.
Just brought a new server online running Apache 2.2.3. The DocumentRoot was originally set to /var/www/html but I changed it to /home/[sitename]/public_html. I've done hundreds of Apache configs before and this one is no different.
Anyhow, here's the issue:
In SSH (logged in as root), if I create a file (let's just say I do a vi index2.php, enter "test" and save), when I try to go to pull the file in my browser, I get a 403 permission denied error. However, if I create the file in /var/www/html then move it to /home/[sitename]/public_html, the file comes up fine in a browser. Same goes for JPEG images. If I wget a JPG from another site directly into /home/[sitename]/public_html, get a 403 permission denied. If I wget it into /var/www/html then move it, it loads just fine.
It's important to note that the file permissions, owner, and the actual file itself are all identical. Both directories are chowned and chmodded identically.
I'm on a shared FreeBSD server, running Apache with Drupal, and vBulletin.
I had to create a local php.ini file in my public_html folder for Drupal, and another in my forum folder for vBulletin. Now my question is, what should I set the permissions of these files to? Also, what should I set .htaccess permissions to as well?
I'd like to keep them invisible to the public. But, I don't want any problems with Drupal, or vBulletin ether.
I'm used to using Linux and I know how permissions work on a desktop. I just don't know what they do when used on a server. I'm guessing 640, but I'd like to make sure before I change anything.