Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

folder or file permittion 777


axioma

Recommended Posts

you can find a lot of contributions that says " the folder x has to have 777 permission" it is true in most of the images contributions..... what can we do in these cases?.

 

is a 777 an open door for hackers, troyans etc??

Link to comment
Share on other sites

you can find a lot of contributions that says " the folder x has to have 777 permission" it is true in most of the images contributions..... what can we do in these cases?.

 

is a 777 an open door for hackers, troyans etc??

 

You should not have any folder over 755 nor file over 666 (if it need to be written to) otherwise 644.

Its like locking your door and going out somewhere but leaving your keys still in the door.

 

If you need to set permissions to 777 for images folder youneed to talk to your host about it, as you say its not safe at all.

 

Nic

 

 

 

 

 

Sometimes you're the dog and sometimes the lamp post

[/url]

My Contributions

Link to comment
Share on other sites

IS THIS TRUE?

 

"This robots text file will also help you by removing one way for hackers to find your images folder as a lot of stores seem to get hacked via it. It will also help hide your admin from everyone but you, it is not that hard to figure out.

 

Cheers". comes from contribution 'robots.txt Sample File" link

 

MEANING USEFUL FOR FOLDERS 777 SUCH AS IMAGES FOLDER....

Link to comment
Share on other sites

IS THIS TRUE?

 

"This robots text file will also help you by removing one way for hackers to find your images folder as a lot of stores seem to get hacked via it. It will also help hide your admin from everyone but you, it is not that hard to figure out.

 

Cheers". comes from contribution 'robots.txt Sample File" link

 

MEANING USEFUL FOR FOLDERS 777 SUCH AS IMAGES FOLDER....

Just follow Nic's 'rules' and you will be fine

 

otherwise we'll probably see you back with a whole different kind of topic.. ;)

Link to comment
Share on other sites

  • 3 weeks later...

If you need to set permissions to 777 for images folder youneed to talk to your host about it, as you say its not safe at all.

 

Nic

 

I'm really confused....is this really true?

 

With all the concern being expressed about "777" permissions I raised the matter with my ISP and was told that whether is was a risk or not depends on how the server is configured. I'm told that if the server is set up correctly that "the 777 gives global permissions to applications on the server and not to the world."

 

Not surprisingly I also found other threads on the web suggesting it's not an issue either providing your server is set up correctly. Maybe we should be advising folks to check with their ISP.

 

Dan

Link to comment
Share on other sites

Most servers are NOT setup "correctly".

 

And what if the person you talk to concerning this doesn't know what they're talking about?

:unsure:

 

"777" isn't a good idea if you value your site and the time/effort/money you have invested in it.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Most servers are NOT setup "correctly".

 

And what if the person you talk to concerning this doesn't know what they're talking about?

:unsure:

 

"777" isn't a good idea if you value your site and the time/effort/money you have invested in it.

 

So you would agree...if the server is set up correctly it's a none issue?

 

Dan

Link to comment
Share on other sites

So you would agree...if the server is set up correctly it's a none issue?

 

Dan

You'll never catch me with a "777" permissions folder.

 

What if they change the server setup that makes this a "non issue" and turns it into a hackers paradise and fail to inform you?

:unsure:

 

It's just not the thing to do (IMHO).

 

If you never do it, you never have to worry about it.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...