Security for DSO servers

What do you think about this configuration on a dedicated virtual server with DSO to increase security?



Change the owner and group to “apache” for catalog, images, skins, & var directories.

Set directories to 755 (catalog, images, skins, & var).

Set files to 644 within catalog, images, skins, & var directories.

Set files to 600 within var/database/backup.

Set the default permissions in config.php to:

define('DEFAULT_FILE_PERMISSIONS', 0644);

define('DEFAULT_DIR_PERMISSIONS', 0755);



I saw that other people were doing this with Joomla cart.



What do you think, security experts?

Things look good; however, do not back up your DB to the local server, and block “var/database/backup” just in case you made a mistake. Use your control panel to do so and save directly to your desktop.

OPTION 2



What do you think about this configuration on a dedicated virtual server with DSO to increase security?



Create a group with ME and APACHE

Change the owner and group to “me:apache” for catalog, images, skins, & var directories.

Set directories to 775 (catalog, images, skins, & var). Other dir to 755.

Set files to 664 within catalog, images, skins, & var directories.

Set files to 660 within var/database/backup.

Set the default permissions in config.php to:

define('DEFAULT_FILE_PERMISSIONS', 0664);

define('DEFAULT_DIR_PERMISSIONS', 0775);





What do you think about OPTION 2, security experts?

[quote name=‘dspotskey’]OPTION 2



What do you think about this configuration on a dedicated virtual server with DSO to increase security?



Create a group with ME and APACHE

Change the owner and group to “me:apache” for catalog, images, skins, & var directories.

Set directories to 775 (catalog, images, skins, & var). Other dir to 755.

Set files to 664 within catalog, images, skins, & var directories.

Set files to 660 within var/database/backup.

Set the default permissions in config.php to:

define('DEFAULT_FILE_PERMISSIONS', 0664);

define('DEFAULT_DIR_PERMISSIONS', 0775);





What do you think about OPTION 2, security experts?[/quote]

The answer could be very easy: try starting with low permissions. You will see whether the store is working properly or not.
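
An added example, not part of any post in this thread: a POSIX shell function that audits a store tree against the modes proposed above (Option 1 by default; pass `775 664 660` for Option 2). The function name `audit_store` and the assumption that catalog, images, skins and var sit directly under the store root are mine; ownership is not checked.

```shell
#!/bin/sh
# Added example: report every directory and file under the store's writable
# areas whose mode differs from the scheme discussed in the thread.
# Assumption: catalog, images, skins and var are direct children of ROOT.

STORE_DIRS="catalog images skins var"
BACKUP_REL="var/database/backup"

# audit_store ROOT [DIR_MODE FILE_MODE BACKUP_MODE]
#   Option 1 (default): audit_store /path/to/store
#   Option 2:           audit_store /path/to/store 775 664 660
# Prints one line per deviation and returns 1 if any were found, else 0.
audit_store() {
    root=${1%/}                 # drop a trailing slash so -path matches
    dmode=${2:-755}
    fmode=${3:-644}
    bmode=${4:-600}

    out=$(
        for d in $STORE_DIRS; do
            [ -d "$root/$d" ] || continue
            # Directories must match DIR_MODE exactly.
            find "$root/$d" -type d ! -perm "$dmode" \
                -exec printf 'dir  (want %s): %s\n' "$dmode" {} \;
            # Regular files outside the backup folder must match FILE_MODE.
            find "$root/$d" -type f ! -path "$root/$BACKUP_REL/*" \
                ! -perm "$fmode" \
                -exec printf 'file (want %s): %s\n' "$fmode" {} \;
        done
        # Database dumps get the stricter BACKUP_MODE.
        if [ -d "$root/$BACKUP_REL" ]; then
            find "$root/$BACKUP_REL" -type f ! -perm "$bmode" \
                -exec printf 'dump (want %s): %s\n' "$bmode" {} \;
        fi
    )

    if [ -n "$out" ]; then
        printf '%s\n' "$out"
        return 1
    fi
    return 0
}
```

A non-zero return with a `dump` line means a database backup is readable beyond what the chosen scheme allows.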