RBaxter Posted January 29, 2009 Share Posted January 29, 2009 Hi all. I've had to reinstall a shop onto a different server. The configure.php files in includes and admin/includes used to be chmodded to 400 for security reasons. However, for the life of me I can't get my new server to work with this; it requires 404. Now, I'm new to adminstering my own server so I'm probably doing something wrong in that end, but I was wondering if anyone know whether it was safe to have these files set to 404? Since they have things such as database passwords etc stored in them, I don't want anybody out there getting their mits onto them! Thanks for your help in advance, -R Link to comment Share on other sites More sharing options...
Guest Posted January 29, 2009 Share Posted January 29, 2009 Hi all. I've had to reinstall a shop onto a different server. The configure.php files in includes and admin/includes used to be chmodded to 400 for security reasons. However, for the life of me I can't get my new server to work with this; it requires 404. Now, I'm new to adminstering my own server so I'm probably doing something wrong in that end, but I was wondering if anyone know whether it was safe to have these files set to 404? Since they have things such as database passwords etc stored in them, I don't want anybody out there getting their mits onto them! Thanks for your help in advance, -R Hi I'd be interested in the answer to this, if the config.php does contain passwords why does the docs suggest 444, granting everyone read access? sure there's a obvious answer, but i'd be interested to know what it is! Link to comment Share on other sites More sharing options...
Guest Posted January 30, 2009 Share Posted January 30, 2009 bump Link to comment Share on other sites More sharing options...
RBaxter Posted January 30, 2009 Author Share Posted January 30, 2009 I've been looking around but haven't found anything to help yet... I'll try and get back today with some more info. -R Link to comment Share on other sites More sharing options...
FIMBLE Posted January 30, 2009 Share Posted January 30, 2009 400 is user read only 404 is user + world read only 444 is user + world + group read only 644 is user + world + group read only AND user write 400 would be ideal but on some servers will throw a 404 error most would go for 444 but a lot must also settle for 644 which while not perfect is OK. No one will be able to read a php file from a browser as php is taken from the server and passed to the php engine to read then pass back to the server for decoration (html etc) so unless some actually get a hold of your file and can open it then its safe. Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
RBaxter Posted February 1, 2009 Author Share Posted February 1, 2009 That's great, thank you for clearing that up! -R Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.