i'm asking what's the best linux permission to drupal files in the purpose to secure it.
My setting.php is under 444 but the others are 755 .
Thank you
Once finished editing the settings.php file, you should change it to 440 giving only you and the webserver read-only access.
440 is fine for the settings file. For the others do:
Navigate to sites/default folder:
chown -R :www-data files
Then give you and web server read/write permission to files folder ('s' makes the files inside the directory inherit these permissions.)
chmod g+ws files
If you need to overwrite previous created files' permissions do (navigate to sites/default/files):
find . -type d -exec chmod g+ws {} \;
find . -type f -exec chmod 664 {} \;
Now your web server can read/write but not execute files in the files directory.
Related
I am working with digital ocean and WordPress. I have uploaded my theme and my file permissions are all wrong. I know how to set the file permissions individually using ssh but I'm wondering if I can do multiple at once rather than doing each individually. I want to set all folders inside my theme to 755 and all files to 644 (correct me if this is wrong)
Here's what I have done so far; I navigated to my theme folder using ssh then used to following command to set file permissions;
chmod 644 file.php
chmod 755 folder
chmod -R 755 will set these permissions to all files and subfolders in the tree. To set the directories to 755 and either leave the files alone or set them to 644. For this, you can use the find command. For example:
To change all the directories to 755 (drwxr-xr-x):
find /opt/lampp/htdocs -type d -exec chmod 755 {} \;
To change all the files to 644 (-rw-r--r--):
find /opt/lampp/htdocs -type f -exec chmod 644 {} \;
Please try below command for directory
find /var/www/html/ -type d -exec chmod 755 {} \;
Below command is for files permission
find /var/www/html/ -type f -exec chmod 644 {} \;
I'm new to Ubuntu. Giving permission to folder using the following command in Terminal.
chmod -R 777 /var/www/html/
This command is working for html folder only. But, I have many sub folders in html folder.
How can i give 777 permissions to all the sub folders at a time?
I think you really want to do is set the directories to 755 and either leave the files alone or set them to 777. For this, you can use the find command. For example:
To change all the directories to 755 (-rwxr-xr-x):
find /var/www/html/ -type d -exec chmod 755 {} \;
To change all the files to 777 :
find /var/www/html/ -type f -exec chmod 777 {} \;
Hope this helps you.
This is a 2 part question.
Recently my site was hacked, and I'm guessing the main way whoever it was who did it was some of my original sites might have had iffy permissions on the files/folders.
So, part 1. What are they best permissions for files and folders? From what I've read 644 for files and 755 for folders seem to be the best.
And part 2. In Linux is there any command I can do in the root directory to loop through all the folders and files in my sites and apply permissions to both files and folders? So I don't have to go through each directory manually applying permissions (I have ssh access)
Part2:
Folders
find -type d -exec chmod 755 \{\} \;
Files
find -type f -exec chmod 644 \{\} \;
After an install / setup of Magento on a LAMP Server, what files should be left writable, readable, and/or executable (by owner, group, public)?
What is optimal for a secure magento server?
All folders should be 775
All files should be 664.
Now the exceptions:
/var should be writable for everyone (777)
/media folder should allow web to write in it.
You can run those if you have SSH access:
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;
Atleast that is what Magento Wiki suggest.
I'm trying to figure out what is the best file permissions/user/groups for files under my document root?
I have the following file structure
/home/user/public_html/
under public_html are all of my php files and directories.
I have one directory /home/user/public_html/files/ where people upload images to that directory.
What is the most secure way to distribute file permissions/groups/user so that apache can properly display the php files and directories?
Should I make public_html owned by apache? What group should I use for public_html?
thanks!
My Favourite mix of permissions for apache is to give it ownership of apache:apache, all folders chmod to 550 or 555, and all files chmod to 440/444. I suggest the following:
/home/user/public_html/ owned by apache:apache with permissions 555 (read/x by everyone)
/home/user/public_html/files/ owned by apache:apache with 775 (read/write/x by root/apache, read/x by all)
First need to find which user running https / apache2 server
ps -aux | grep apache2
Most of times apache or www-data comes
We need to set this user
chown -R www-data:www-data /var/www/html
Then file permission should be 644 and folder 755
we can do that using find command
find /var/www/html -type f -not -perm 644 -exec chmod 644 {} \;
find /var/www/html -type d -not -perm 755 -exec chmod 755 {} \;