Reputation: 520
Question about directory permissions with PHP
Recently, while working on a shared host, I accidentally changed the permissions of my root website directory to 777. The correct permissions should have been 755.
Instantly, I started getting the "Internal Server Error" message for my pages. I figured that the Apache server wanted to stop requests because of a security threat.
I wonder what threat can be caused by giving full permissions to the root directory.
Can someone throw light on that?
Thanks!
Upvotes: 0
Views: 81
Answers (2)
Reputation: 7074
If a file chmod is 777, it will be easier for a cracker to upload malicious scripts in your server or modify your pages, etc. For that reason, only directories where users can upload files should have a public write right.
For your web pages that are not designed to be modified dynamically by the website, a 755 chmod is more secured.
Upvotes: 1
Reputation: 1069
There are a variety of answers, but it maybe that Apache doesn't want .htpasswd and .htaccess files to be readable by anyone.
Upvotes: 0