Protect folders by permissions, directory and script file permissions.

2010/03/26 Website Development

A variety of files and directories in your website need to be given the correct permissions to work properly. Giving permissions to files or directories in the Unix world is called CHMOD (change mode). Chmod is a Unix command that lets permission levels be assigned to each file or directory. The proper CHMOD is also needed to help you with your website protection and security.

The following are the basic file permissions:

Files: 644
Folders: 755 (with index page in it)
Images: 644
CGI scripts: 755
Php scripts: 644

Folders with CHMOD 755 must have an index page in them. By default, your public or public_html directory is typically set to CHMOD 755. With this setting, if a Web surfer connects to your website, the server will display either your home page (if a file with the name index.html, index.htm, or index.shtml, etc., exists) or a listing of all the files in that directory. This also holds true for any sub-folder in your domain, which is why you need an index page in every folder on your website. Always make sure your folders are given 755 permissions (with an index file in them) OR 711 permissions. 711 gives an access-denied error: this permission setting will not show a file listing, and if there is no index page, the Web surfer will receive a “Forbidden” error message.

The CHMOD capability depends on two conditions:

  1. The server you are connected to must support the CHMOD command.
  2. You must have access rights to change the attributes of that remote file or directory.

Make sure these two conditions are fulfilled.

The 644 file permission represents the permissions of your web pages. Suppose you have just finished modifying your web page and you do not want anybody to update or delete it. Give the web page file permission CHMOD 444 and it will have this effect. This gives everybody, including the owner (user), only read capability. If the owner turns off the write permission, the file is protected from accidental or deliberate destruction. You may have to set CHMOD 444 via your host CPanel in a browser, so check whether that is the case for your host. If you entered your site via FTP, test the setting by editing your web page file: add a small change and then remove it. When you try to save the file, you should not be allowed to overwrite it. Once you have changed the file permission to CHMOD 444 on your web page, ensure that it still functions and runs properly. Whenever you need to edit your web page, simply change back to CHMOD 644, make your changes, and then change again to CHMOD 444.

Having to change file permissions every time you need to edit a web page might feel a bit tedious. Preventing attacks on your website, which could stop all traffic to it, may be well worth the extra few minutes needed to edit a web page via the CHMOD command.
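To check a whole site against the permissions listed above, the following shell function (an added example, not part of the original article) reports every file or folder that deviates from them, including 755 folders that have no index page. It assumes that CGI scripts can be recognised by a `.cgi` or `.pl` suffix and that an index page is any file named `index.*`; the function name `audit_webroot` and the report labels are made up for this example.

```shell
#!/bin/sh
# Added example: audit a web root against the article's baseline modes.
# Assumptions (not from the article): CGI scripts end in .cgi or .pl,
# and an index page is any file whose name starts with "index.".

audit_webroot() {
    root=$1

    # Pages, images and PHP scripts: 644, or 444 when locked against edits.
    find "$root" -type f ! -name '*.cgi' ! -name '*.pl' \
        ! -perm 644 ! -perm 444 -exec printf 'FILE_MODE %s\n' {} \;

    # CGI scripts: 755.
    find "$root" -type f \( -name '*.cgi' -o -name '*.pl' \) \
        ! -perm 755 -exec printf 'CGI_MODE %s\n' {} \;

    # Folders: 755 or 711, nothing else.
    find "$root" -type d ! -perm 755 ! -perm 711 \
        -exec printf 'DIR_MODE %s\n' {} \;

    # A 755 folder without an index page can show a listing of its files.
    # 711 folders are skipped: they return an error instead of a listing.
    find "$root" -type d -perm 755 | while IFS= read -r dir; do
        set -- "$dir"/index.*          # unmatched glob stays literal
        [ -e "$1" ] || printf 'NO_INDEX %s\n' "$dir"
    done
}

# When called with a path, audit it; with no argument, only define the function.
[ "$#" -eq 0 ] || audit_webroot "$1"
```

Each output line names one deviation, so an empty result means the tree matches the baseline.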

