cooch Posted October 5, 2005 Posted October 5, 2005 In order to upload new product images, the image directory must be writeable by the php scripts. Someone recently uploaded a shell program to this directory and spammed; we were lucky they didn't do more damage! How do you prevent this? Do you simply change the permissions after each time you are done uploading? Thanks!
Guest Posted October 5, 2005 Posted October 5, 2005 you set the owner only to have write access to the images directory. So typically the dir settings will be 755.
cooch Posted October 5, 2005 Author Posted October 5, 2005 you set the owner only to have write access to the images directory. So typically the dir settings will be 755. Thanks for the reply. However, the way our host's webserver is set up, the php scripts are not owned by owner, but by www. This means that the directories they access have to be writeable by www, which opens them up to anyone hitting the pages via http. I tried setting the image directory to 755, but the admin section showed the "the image directory is not writeable" error, and I could not upload.
Guest Posted March 14, 2006 Posted March 14, 2006 Thanks for the reply. However, the way our host's webserver is set up, the php scripts are not owned by owner, but by www. This means that the directories they access have to be writeable by www, which opens them up to anyone hitting the pages via http. I tried setting the image directory to 755, but the admin section showed the "the image directory is not writeable" error, and I could not upload. Sorry to bring this up, but did you manage to solve this problem? Thanks Sam
cooch Posted March 14, 2006 Author Posted March 14, 2006 Sorry to bring this up, but did you manage to solve this problem? Thanks Sam Nope. Had to keep permissions at 755 until I want to upload new products, at which time I set it to 777. I am looking into setting the permissions to 777 via ftp, then back to 755 after uploading. cooch
Recommended Posts
Archived
This topic is now archived and is closed to further replies.