Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: Alex_SG on March 01, 2017, 12:21:30 AM

Title: Correct Permissions for web server with php / dynamic content
Post by: Alex_SG on March 01, 2017, 12:21:30 AM

Hi!

What are the correct permissions for an ibay to use it for a domain with php?
If i use an ibay with write admin / read group, do a ftp transfer with admin account so i had to change the permissions

for files chmod 644
and for directories 755

Is that correct?

owner is admin and group is www...

OR must a group definded in the ibay and set it to write group / read everyone?

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: ReetP on March 01, 2017, 11:27:24 PM

I think a simple

Code: [Select]

signal-event ibay-update
should set all files and directories to the correct permissions

B. Rgds
John

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: janet on March 02, 2017, 12:40:26 AM

Alex_SG

Quote

must a group definded in the ibay and set it to write group / read everyone?

Read the server manager ibay panel "on screen notes" carefully, as it advises what those permission settings relate to.
IIRC it is only for LAN file access & ftp access.
Web access is a different issue & that is controlled by ibay default configuration in conjunction with db command advised by ReetP.

Also for web content using php you need to enable the dynamic content setting for the particular ibay, done in server manager ibay panel.

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: Jean-Philippe Pialasse on March 02, 2017, 05:15:57 AM

it will be more :

signal-event ibay-modify or signal-event ibay-modify-files

keep in mind that www ( the apache user) will be member of the group. ( except if group is admin, and group ownership will be granted to www instead of admin)
hence if you want your apache server to be able to write you should use write group and read group

every time you will trigger one of the ibay related event it will default the permissions and owners.

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: Alex_SG on March 02, 2017, 02:40:41 PM

Thx to all.

Now set set the ibay config to write group read everony. Now the dynamic content ist working.

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: Alex_SG on March 14, 2017, 11:21:57 PM

Now i have an another question about the file permissions. My Security plugin of word press give me the notice - its better to change the file permissions:


dir                                                                                                         current  should be...
root directory   /home/e-smith/files/ibays/w2bay/html/               2775   0755
wp-admin   /home/e-smith/files/ibays/w2bay/html/wp-admin            2775   0755
wp-content   /home/e-smith/files/ibays/w2bay/html/wp-content            2775   0755
wp-includes   /home/e-smith/files/ibays/w2bay/html/wp-includes         2775   0755
.htaccess   /home/e-smith/files/ibays/w2bay/html/.htaccess   Not Found      0664   0644
readme.html   /home/e-smith/files/ibays/w2bay/html/readme.html         0664   0400
wp-config.php   /home/e-smith/files/ibays/w2bay/html/wp-config.php         0664   0644
wp-admin/index.php   /home/e-smith/files/ibays/w2bay/html/wp-admin/index.php      0664   0644
wp-admin/.htaccess   /home/e-smith/files/ibays/w2bay/html/wp-admin/.htaccess      0664   0644

first value current permission, second value = recommended

I cannot change the permisssions of the directories The 2775 will appears again after chmod 0744.
Is it a security problem or not the emergency?

Title: Re: Correct Permissions for web server with php / dynamic content
Post by: Jean-Philippe Pialasse on March 15, 2017, 01:07:37 AM

read here to understand 0 1  2 3 and 6 value: https://en.wikipedia.org/wiki/Setuid