-
AFAIK stuff in the cgi-bin directory should be executable, i.e. anything that is executed as part of a form submit. But your average php web page (mix of html and php) doesn't need execute permission. -
For security any file or directory which you don't explicitly need to write to should only ever have read-execute or for static HTML pages just read should be sufficient.
Allowing write access to a folder or file is a security risk as a hacker could use this to upload malicious files to your server and then execute them by browsing to the location.
On that basis I'd say 123reg's advice is a little concerning and perhaps has been issued to stop them getting lots of support requests for cases where write access is actually needed.Leave a comment:
-
Website file permissions
I have two different hosts, 123Reg says:
We recommend that for directories, you set the permissions to 0711 (user read-write-execute, group and world execute) or 0755 if you are allowing directory indexes (user read-write-execute, group and world read and execute). For CGI scripts themselves, we recommend permissions of 0755 (user read-write-execute, group and world read and execute).It is very important that these permissions are set correctly, or the CGI scripts will not execute.
Hostpapa says:
It is generally good practice to ensure permissions are set to 555 (all read and execute) for directories and 444 (all read) for files, unless a specific program requires them to be set to something different. Avoid using very open permissions such as 777, 755, 666 or 644.
Bit of a difference there, any ideas which is best practice for a) Public HTML and b) PHP scripts. Cheers.
Leave a comment: