Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
Is 766 permissions okay for a directory where my website users can upload images to?
I using 766 because when I set the directory to 666, the script returns an error and the file is not uploaded. Please is there any explanation for this?
Thanks
Yes, 755 is the way to go because the User need the execute flag to enter the directory.
Edit
Same issue with 766 if the Web user is either Group or Others. 6 = read/write and lack the execute flag.
So 766 wont work if the web server is not the owner of the directory.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I am using hosting provided by 000webhost.com.
Root directory is: public_html
I set it's file attributes to 700 by using FileZilla ftp.
Also I set individual file permissions to 600.
public_html directory has only one file which is index.html.
Now even though I have set puclic permission to zero as evident from right-most zero in both 600 and 700. Still I am able to view file index.html by using web browser here is the link. Why is that? I thought last zero in 600 or 700 meant public would not be able to view file, what is happening now then?
Now, I think this is because the file is readable by your Apache user and it is Apache that is delivering the files to the browser. What is the ownership of the file/folder. Can you put these secure files outside the web root?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I downloaded the laravel from server to my local windows8
xampp->htdocs folder. Below is the error i am getting.
Error in exception handler: The stream or file
"C:\xampp\htdocs\laravel\app\storage/logs/log-apache2handler-2014-12-11.txt"
could not be opened: failed to open stream: Permission denied in
C:\xampp\htdocs\laravel\vendor\monolog\monolog\src\Monolog\Handler\StreamHandler.php:77
I tried to give the permissions full permissions in security->full
control but not changing. What should i do to solve this issue
I am using windows 8 with xampp latest version 3.2.1
Make sure you are an admin user on that computer.
The entire app\storage folder and its contents (including sub directories) must be writeable by the user which owns the Apache process (or everyone if you're in a testing environment)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have LAMP installed in my server and I use virtualhosts to map domains to subdirectories. I need to allow my customers to upload files (including php) to their server using FTP.
The problem is that a customer using a domain xxx.com.br uploaded a file test.php and executed it like:
xxx.com.br/test.php
The content of test.php if file_put_contents("../../xxx.txt","teste") and it worked! The file xxx.txt was created 2 levels above his domain folder! How do I prevent this from happening?
Don't give the PHP process access to directories it isn't meant to reach.
That's kind of the point of the whole permission system.
In Linux, PHP will generally run as its own user, just make sure that user doesn't have read or write permission to any files you don't want exposed.
For this purpose exists open_basedir configuration directive. More information about it for example here.
Moreover it is good to use FastCGI which allows each script to be run under its owner. More information about it for example here.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
If i write a file into /var/test, how can i access it through the website?
Because from having a look at the directories, the file needs to reside in /var/www/html/ so i can access it through the url.
for example if i were to write into /var/www/html/directory/file.txt all i'd need to do to access it is visit the following url:
www.example.com/directory/file.txt. But i'm not sure how to do this when writing to /var/test/file.txt.
Thanks to anyone who can help.
You can't access it via the website, unless you configure the server to allow it. Which is a good thing so your web server doesn't expose all of your files to the internet.
See the Documentroot and Alias Directives in the Web server configuration (assuming you're running apache).
this is a web-server setting, for apache see http://httpd.apache.org/docs/2.2/urlmapping.html
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I'd like to restrict using PHP-CLI for a user. I mean on the same server, I want to use PHP-CLI with my account and I want no other user to access PHP-CLI interface. Or choose which user can use it.
Is this possible?
Many ways. A simple one:
chmod 754 /usr/bin/php
chgrp php /usr/bin/php
Then add only the person you want to that php group
Of course, apache or the web user should also be in that group too.