Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

File Permissions Question Rate Topic   - - - - -

 
  • rrrolfs
  • Member
  • Members
  • Join Date: 17-Dec 11
  • 15 posts

Posted 17 December 2011 - 01:30 AM #1

In the installation notes it states that the file permissions for the following files and folders need to be set up a certain way:
> chmod 666 config.local.php
> chmod -R 777 images
> chmod -R 777 skins
> chmod -R 777 var

Can we change this to something more secure? This leaves a security hole open. A hacker could upload their own scripts and cause all kinds of problems. What are other users using for file permissions?

 
  • tbirnseth
  • CS Cart Expert
  • Authorized Reseller
  • Join Date: 08-Nov 08
  • 11660 posts

Posted 17 December 2011 - 08:20 PM #2

Yes, but depends on your hosting environment. Those settings yield the least number of support calls! :-)
You can use 660 fo config.local.php, 644 for all other files and 755 for most all directories if you are running suPHP or fastCGI. If you are running in the old Apache mode then you will need your directories to be 775 and files set to 664.

Work with your host and tell them that everything in your store needs to be able to be written but a running PHP process in the store.

EZ Merchant Solutions: Custom (USA based) B2B Development, Consulting, Development and Special Projects (get a quote here).
Commercial addons, payment methods and modifications to meet your business and operations needs.