This is a 2 part question.
Recently my site was hacked, and I'm guessing the main way whoever it was who did it was some of my original sites might have had iffy permissions on the files/folders.
So, part 1. What are they best permissions for files and folders? From what I've read 644 for files and 755 for folders seem to be the best.
And part 2. In Linux is there any command I can do in the root directory to loop through all the folders and files in my sites and apply permissions to both files and folders? So I don't have to go through each directory manually applying permissions (I have ssh access)
Part2:
Folders
find -type d -exec chmod 755 \{\} \;
Files
find -type f -exec chmod 644 \{\} \;
Related
I am working with digital ocean and WordPress. I have uploaded my theme and my file permissions are all wrong. I know how to set the file permissions individually using ssh but I'm wondering if I can do multiple at once rather than doing each individually. I want to set all folders inside my theme to 755 and all files to 644 (correct me if this is wrong)
Here's what I have done so far; I navigated to my theme folder using ssh then used to following command to set file permissions;
chmod 644 file.php
chmod 755 folder
chmod -R 755 will set these permissions to all files and subfolders in the tree. To set the directories to 755 and either leave the files alone or set them to 644. For this, you can use the find command. For example:
To change all the directories to 755 (drwxr-xr-x):
find /opt/lampp/htdocs -type d -exec chmod 755 {} \;
To change all the files to 644 (-rw-r--r--):
find /opt/lampp/htdocs -type f -exec chmod 644 {} \;
Please try below command for directory
find /var/www/html/ -type d -exec chmod 755 {} \;
Below command is for files permission
find /var/www/html/ -type f -exec chmod 644 {} \;
I am trying to search all directories with name 'bin' and change the permission of files under all directories which were successfully found. I tried with the below command:
find -type d -name bin -exec chmod 777 {} \;
But this changed the permission of bin directory. It did not change the permission of the files underlying bin. Please help.
Recursively changing the permission with -R as shown in the solution below is the key. Not the solution provided in the similar question.
Your approach was slightly unsuccessful.
Since your bin directory contains another files and directories, you've to change their permission recursively.
$ find -type d -name bin -exec chmod -R 777 {} \;
I Hope, this is what you've expected in return.
If folder folder is read/write/execute accessible to me, then it should become read/write/execute to everyone.
Calling chmod -R 777 ./folder does not suit, because it makes all files executable, even those that were not executable before.
Is there an easy way?
You could do it with UNIX find combined with the exec flag to run a chmod command on every file that matches a filter, and filter on the executable bit.
e.g.
first find the non executable files recursively and change them to all RW
find ./folder -not -executable -exec chmod a=rw {} \;
then find all the executable ones recursively and change them to all RWX
find ./folder -executable -exec chmod a=rwx {} \;
You might want to add add the files in the folder to a user group like everyone or users depending on your distro.
chown -R <youruser>:everyone ./folder
You can check what available user groups you have with groups command.
i'm asking what's the best linux permission to drupal files in the purpose to secure it.
My setting.php is under 444 but the others are 755 .
Thank you
Once finished editing the settings.php file, you should change it to 440 giving only you and the webserver read-only access.
440 is fine for the settings file. For the others do:
Navigate to sites/default folder:
chown -R :www-data files
Then give you and web server read/write permission to files folder ('s' makes the files inside the directory inherit these permissions.)
chmod g+ws files
If you need to overwrite previous created files' permissions do (navigate to sites/default/files):
find . -type d -exec chmod g+ws {} \;
find . -type f -exec chmod 664 {} \;
Now your web server can read/write but not execute files in the files directory.
After an install / setup of Magento on a LAMP Server, what files should be left writable, readable, and/or executable (by owner, group, public)?
What is optimal for a secure magento server?
All folders should be 775
All files should be 664.
Now the exceptions:
/var should be writable for everyone (777)
/media folder should allow web to write in it.
You can run those if you have SSH access:
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;
Atleast that is what Magento Wiki suggest.