How to chmod files in my web server
Hello
I have a web server in my PC. I need to chmod the files correctly so I
don't have a security risk.
I am using a CMS for the website.
I have full access to my pc, as it is in my house, and I can
manipulate it through keyboard, so I have no problem to change the
chmod to the most restrictive ones.
I have these:
1) The config file, wich I chmod 444. This way is readable for all,
but can't be executed or writen. What does this mean? People can read
the password and user and other data there? Should I chmod that to
400 ? So no one, except me, can read it?
2) The folders that users need to write to. For example where they
upload the images or files that are public. I should chmod them to
777. Is this right?
3) The rest of the website folders. I think they are well chmod 755.
This means I can write, and the other can open or execute.
I think this is not a good setup. Maybe, I can do a more restrictive
setup that permits all people look the website, use it.
Remember, I have those 3 pieces: the config, the users folders and the
rest.
Are those chmod ok?
Should I do a different chmod for files and folders?
How?
Thanks
Jordi
Reply to: