File Permissions

From Campus Web Server Help

Jump to: navigation, search

There are many who would pervert the intended use of your site. Some would like to deface your site. Others would leech server resources subtly to serve up weight loss or drug ads. You must secure your site by using appropriate file permissions.

Note that most files in the web area of the server are in the "www" group. Files in your home directory are typically owned by your username.

If a file is writable by the group or others, ask yourself "WHY?" There are very few times where this is necessary. Examples are file-based image galleries. In that case, the server needs to accept uploaded files and store them on the server. So, there must be a directory which is writable by the "www" group. Uploaded files will be owned by www. For now, this is a necessary evil.

Some web-based installers direct you to allow the server user, "www", write access to the files. There is usually a manual install method that obviates the need for this. If you choose to use the installers, disable group/world write access once installation is complete.

Otherwise, typical permissions on directories are 755 (drwxr-xr-x). For files, 644 (rw-r--r--) should be suffient.

Retrieved from "http://wiki.eits.uga.edu/campuswebhelp/index.php/File_Permissions"
Views