Page 1 of 1
Access rights - Concern about security
Posted: Fri 21. Apr 2006, 18:59
by Alex123
Hello everyone,
I am very new with this script (which looks really great) . After I uploaded, I tried to set the access rights based on the instructions found on the main site (the structure of the files shows on the instruction, is a bit different from version 1.2.5).
Unfortunately I was not very successful, so at the end I decided to follow the advise I read “If you have further access problems try to set all files and directories to 777 (not recommend).
Well that is what I did and it worked just fine, but since this solution is Not Recommended, should I change something back ?? ( besides deleting the setup folder) so I wont face any serious security risks in the future.
Thank you in advance for your any advice.
Alex
Posted: Sat 22. Apr 2006, 00:50
by DeXXus
http://www.phpwcms-docu.de/installation_en.phtml
Files & Folder settings
You now need to setup the correct permissons for certain files and folders. This should be done using CHMOD from within your FTP Application.
Folder phpwcms_ftp 777
Folder phpwcms_filestorage 777
Folder phpwcms_filestorage/can_be_deleted 777
Folder phpwcms_template 777
Folder content 777
Folder content/images 777
Folder content/gt 777
Folder content/form 777
Folder content/rss 777
Folder content/tmp 777
Folder content/pages 777
File setup/setup.conf.inc.php 666
File phpwcms_template/inc_css/frontend.css 666
File config/phpwcms/conf.indexpage.inc.php 666
File phpwcms_template/inc_default/startup.php 666
Posted: Sat 22. Apr 2006, 02:01
by Alex123
Hi DeXXus and thank you for your reply,
I am aware of this info. Still my question remains. After I had to CHMOD All the folders and files to 777, in order for the script to work, should I change something back in order to avoid any kind of security risk.
Thanks
Alex
Posted: Sat 22. Apr 2006, 03:27
by DeXXus
Of course, using chmod 777 upon ALL is meant -more- for troubleshooting purposes.
All the files/folders listed above for chmod settings are in the 1.26.DEV release and ~should~ be in 1.2.5 also (I checked the archive).
Perhaps you can clarify that you are using v1.2.5.
Please elaborate on what seems to be missing -AND/OR- what problem you experience with the "recommended settings??
Posted: Sat 22. Apr 2006, 11:36
by Alex123
hi DeXXus,
Since I used chmod 777 upon ALL folders and files., now that everything works ok, should I change the chmod on any of the files back to 666 or 755.
Thanks
Alex
Posted: Sat 22. Apr 2006, 12:00
by flip-flop
hi Alex123,
First please kill the folder "phpwcms_code_snippets.
Your question:
Only these file and folders using 777 or 666.
http://www.phpwcms-docu.de/installation_en.phtml
Please bring all other back to there original settings.
files: 644
folders: 755
Gruß Knut
Posted: Sat 22. Apr 2006, 17:47
by Alex123
Thank you for your reply.
I have also decited to delete 1.2.5 and try again with cvs version 1.2.6.
I didn't try the cvs version from the start, since it is not the latest version located in Sourceforge.
Posted: Sat 22. Apr 2006, 17:59
by Alex123
Thank you for your reply.
I have also decited to delete 1.2.5 and try again with cvs version 1.2.6.
I didn't try the cvs version from the start, since it is not the latest version located in Sourceforge.