Naweed Chougle
Naweed Chougle

Reputation: 520

Question about directory permissions with PHP

Recently, while working on a shared host, I accidentally changed the permissions of my root website directory to 777. The correct permissions should have been 755.

Instantly, I started getting the "Internal Server Error" message for my pages. I figured that the Apache server wanted to stop requests because of a security threat.

I wonder what threat can be caused by giving full permissions to the root directory.

Can someone throw light on that?

Thanks!

Upvotes: 0

Views: 81

Answers (2)

Benoit Courtine
Benoit Courtine

Reputation: 7074

If a file chmod is 777, it will be easier for a cracker to upload malicious scripts in your server or modify your pages, etc. For that reason, only directories where users can upload files should have a public write right.

For your web pages that are not designed to be modified dynamically by the website, a 755 chmod is more secured.

Upvotes: 1

Kevin Sedgley
Kevin Sedgley

Reputation: 1069

There are a variety of answers, but it maybe that Apache doesn't want .htpasswd and .htaccess files to be readable by anyone.

Upvotes: 0

Related Questions