Confused about the CHMOD values

For urgent and private issues, open a support ticket instead of posting: https://secure.installatron.com/tickets
Post Reply
berd
Posts: 6
Joined: Fri Oct 25, 2013 12:50 pm

Confused about the CHMOD values

Post by berd » Tue Nov 12, 2013 10:11 am

Hi,

I am a little bit confused about the CHMOD values for a Joomla setup.

In your knowledge base i read the following:
CHMOD values of 644 and 755 are considered "secure", on files and directories respectively, but might prevent the application from editing files through its own GUI. CHMOD values of 666 and 777, for files and directories respectively, will allow the application to edit its own files and directories, but at an increased security risk.
Now on my server are all the files and folders normally set to: 644 for files and 755 for folders with the UID and GID set to the direct admin user of that account. After update a joomla site with installatron some directories are set to 777 and some files are set to 666.

Can someone explain me if this is safe now, can everybody write in the directories which are during update set top CHMOD 777. Or do i need to run a script after the update which automatiscally set all the files back to 644 and all the folders to 755.

Thanks for your help.
BerD

Phil
Staff
Posts: 490
Joined: Tue Jun 19, 2007 6:06 am

Re: Confused about the CHMOD values

Post by Phil » Tue Nov 12, 2013 9:32 pm

Hello,

On servers using mod_php it's normal to see files either owned by "apache" or chmod 0666/0777. For many applications there's no way around this requirement except to replace mod_php with SuPHP/mod_ruid.

Whenever possible we do recommend using SuPHP/mod_ruid instead of mod_php, however if that's not possible the current permissions are acceptable.

Thank you,
Phil
Phillip Stier
Installatron Co-Founder

Post Reply