axioma Posted October 15, 2009 Posted October 15, 2009 you can find a lot of contributions that says " the folder x has to have 777 permission" it is true in most of the images contributions..... what can we do in these cases?. is a 777 an open door for hackers, troyans etc??
FIMBLE Posted October 15, 2009 Posted October 15, 2009 you can find a lot of contributions that says " the folder x has to have 777 permission" it is true in most of the images contributions..... what can we do in these cases?. is a 777 an open door for hackers, troyans etc?? You should not have any folder over 755 nor file over 666 (if it need to be written to) otherwise 644. Its like locking your door and going out somewhere but leaving your keys still in the door. If you need to set permissions to 777 for images folder youneed to talk to your host about it, as you say its not safe at all. Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
axioma Posted October 20, 2009 Author Posted October 20, 2009 IS THIS TRUE? "This robots text file will also help you by removing one way for hackers to find your images folder as a lot of stores seem to get hacked via it. It will also help hide your admin from everyone but you, it is not that hard to figure out. Cheers". comes from contribution 'robots.txt Sample File" link MEANING USEFUL FOR FOLDERS 777 SUCH AS IMAGES FOLDER....
peter222 Posted October 20, 2009 Posted October 20, 2009 IS THIS TRUE? "This robots text file will also help you by removing one way for hackers to find your images folder as a lot of stores seem to get hacked via it. It will also help hide your admin from everyone but you, it is not that hard to figure out. Cheers". comes from contribution 'robots.txt Sample File" link MEANING USEFUL FOR FOLDERS 777 SUCH AS IMAGES FOLDER.... Just follow Nic's 'rules' and you will be fine otherwise we'll probably see you back with a whole different kind of topic.. ;)
Dan Cole Posted November 8, 2009 Posted November 8, 2009 If you need to set permissions to 777 for images folder youneed to talk to your host about it, as you say its not safe at all. Nic I'm really confused....is this really true? With all the concern being expressed about "777" permissions I raised the matter with my ISP and was told that whether is was a risk or not depends on how the server is configured. I'm told that if the server is set up correctly that "the 777 gives global permissions to applications on the server and not to the world." Not surprisingly I also found other threads on the web suggesting it's not an issue either providing your server is set up correctly. Maybe we should be advising folks to check with their ISP. Dan Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here.
germ Posted November 8, 2009 Posted November 8, 2009 Most servers are NOT setup "correctly". And what if the person you talk to concerning this doesn't know what they're talking about? :unsure: "777" isn't a good idea if you value your site and the time/effort/money you have invested in it. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
Dan Cole Posted November 9, 2009 Posted November 9, 2009 Most servers are NOT setup "correctly". And what if the person you talk to concerning this doesn't know what they're talking about? :unsure: "777" isn't a good idea if you value your site and the time/effort/money you have invested in it. So you would agree...if the server is set up correctly it's a none issue? Dan Need help? See this thread and provide the information requested. Is your version of osC up to date? You'll find the latest osC community version (CE Phoenix) here.
germ Posted November 9, 2009 Posted November 9, 2009 So you would agree...if the server is set up correctly it's a none issue? Dan You'll never catch me with a "777" permissions folder. What if they change the server setup that makes this a "non issue" and turns it into a hackers paradise and fail to inform you? :unsure: It's just not the thing to do (IMHO). If you never do it, you never have to worry about it. If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
Recommended Posts
Archived
This topic is now archived and is closed to further replies.