Posts: 12
Threads: 4
Joined: Sep 2009
Hi Guys, just wanted to ask about the security of folders and files being Chmod'd to 777, personally i can never get the install to go through with 755 and have to load it up to 777, so i just wanted to pick your brains.
Which folders and files need to be Chmod'd to 755?
And has anyone else had my problems where i have to go with 777?
Thanks!
Posts: 20
Threads: 8
Joined: Aug 2009
Posts: 12
Threads: 4
Joined: Sep 2009
From what i can gather it seems that the security is limited to users on the server only so the reason i can't get 755 i believe is do to the way my hosting is a shared account, so that should essentially still mean that data is secure to any visitors. From what i can gather you will only be able to get 755 if you have server persmission and not just your own account on the server. But if anyone has any futher info please chime in
Posts: 1,848
Threads: 86
Joined: Aug 2009
if you look inside install.php, you can see where I first attempt to chmod 775 all folders, then if that doesnt work, i try 777. the folders are these:
Code:
'../data/',
'../data/other/',
'../data/other/logs/',
'../data/pages/',
'../data/uploads/',
'../data/thumbs/',
'../backups/',
'../backups/other/',
'../backups/pages/',
'../backups/zip/'
-
Chris
Thanks for using GetSimple! - Download
Please do not email me directly for help regarding GetSimple. Please post all your questions/problems in the forum!
Posts: 12
Threads: 4
Joined: Sep 2009
Ah i never thought about checking that doh! Thanks!
Posts: 3
Threads: 0
Joined: Jul 2010
Sorry for bumping up an old thread but I thought rather than cluttering up the forum with a new one I would just ask my question here since my issue is similar.
I had to set the /data/ and /backups/ folders to 777 in order to install as well.
But afterward, I was able to change it back to 755 and everything is working so far.
And I was wondering,
1. Is 755 the recommended setting for those 2 folders?
2. What about the
gsconfig.php file? What setting should that be?
Thanks for any help and especially for providing such a great application!!!
Posts: 972
Threads: 27
Joined: Aug 2009
JL Wrote:Is 755 the recommended setting for those 2 folders?
Some security advisers will not agree with 777 as it gives “anyone†write access to the files, in theory “anyone†could be accounts that have accessed the server apart from yours. This is why 755 is recommended, it only allows the owner of the file to write to it, the owner being GetSimple.
JL Wrote:What about the gsconfig.php file? What setting should that be?
Doesn’t really matter as long as it can be used by GetSimple. There are no scripts that write settings into this file so I guess you wouldn’t need to give it any writing permissions at all. Default 755 would do.
Posts: 3
Threads: 0
Joined: Jul 2010
Posts: 3
Threads: 0
Joined: Jul 2010
2010-07-28, 03:45:33
(This post was last modified: 2010-07-28, 03:47:58 by cjrajeev.)
Looks like I spoke too soon. When set to
755, I can edit existing pages but I can't create new ones.
So right now I've set the
/data/pages folder to
777 but the parent folder
/data to
755 and that still works
However, I'm still a little paranoid so I was thinking of disabling
php for the /pages folder. Is that something that would work? Since I assume that folder only stores the
xml files right?
Or does doing that not really make things more secure?
