Reputation: 258
Cache Folder in PHP 777, Security Concerns
I have a cache folder for which I have to set the permissions as 777. I was wondering that anyone could write in that folder and execute a script to delete or hack my website. I am using a completely self-made php script.
How can I cache my website without having any security concerns. The website caches more than 1000 pages a day.
Upvotes: 1
Views: 2048
Answers (1)
Reputation: 133
There are two cases,
First case :If you are running PHP on a server like Apache., then you need to give access only to the Apache user, this user depends on your linux distribution, for example on Ubuntu it is "www-data" while on other distros it might be "apache". in this case you should do the following : first : make sure Apache is owner of the files :
chown -R www-data /path/to/cache/folder
then give the apache user all the permissions necessary :
chmod 755 /path/to/cache/folder
Second case : If you run PHP in CGI mode then PHP is the user you need to give access to PHP user itself, just like the above two commands, but replace "www-data" with your php user.
Upvotes: 2
Related Questions
- PHP: Is permission 777 a security issue?
- File and folder access management and security (PHP/Apache)
- Caching on shared server - security issue for local cache directory?
- php symfony2 installation cache permissions
- File permission confusion
- PHP file permissions
- file permissions in php
- File permissions
- Security implications of writing files using PHP
- Folder security?