Jump to content

File Permissions

Sarah

By Sarah
in General Discussion

 Share

Recommended Posts

Sarah Junior Member

Sarah

Posted
Posted

Hello,

 

Can someone confirm the following

 

1. Should the file permissions be set to 644 and folders to 755 or should they and can they safely all be left at 755 ?

 

2. Will WHMCS work fully if I change the permissions to files 644 and folders 755 ?

 

3. I note that there are some files such as pipe.php will not work with permissions less than 755. Is this a security risk? If not why not?

 

4. I also see from the install instructions that some folders may need to be set to 777. Is this not a security risk?

 

My hosting company has already raised their concerns with me about the file permissions and are telling that my installation of WHMCS is a potential security risk because of them. I would really appreciate if someone could confirm the position on this and give some guidance?

 

Thank you

 

Sarah

0
Link to comment
Share on other sites
JofleyUK Senior Member

JofleyUK

Posted
Posted

755 Permissions are fine. the 777 folders are requited for cache and uploads from support, unless these are kept at 777 they wont work. I am sure that the many thousands of hosts here that use WHMCS will tell you, WHMCS security is the least of your worries, an over paranoid host maybe.

 

Rest assured we have been using WHMCS for years, yes years, and it's never been a security risk. It's not the only script that requires 777 permissions on certain directories. Just out of interest, does your host use WHMCS?? If so it would be interesting to know how their permissions are setup.

0
Link to comment
Share on other sites
JofleyUK Senior Member

JofleyUK

Posted
Posted

My script requires 777

So what about php scripts that say they require 777 permissions on some of their directory or files to work, such as a Joomla!, Forums, photo galleries and alike? Due to the transparent nature of suPHP this is solved very simply, any directories stated as requiring to be "writable" or "777" can safely be set to 755 (the maximum) instead.

 

This is because, now that the web server runs under your own user account, only your own user account needs full write and execute permissions.

 

You are correct.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept