CHMOD defaults

Scam · 17 Jul 2009 at 09:41

Just a quicky. The company i have just started at have just moved their webhosting to a dedicated server. The hosting company have copied everything over and we're just waiting for the DNS to update. So it's a standard website structure, but with a subfolder for clients where we link them directly to files. As it was before, there's no password on that folder.

We went to upload some stuff and everything was CHMOD'd to not allow anything, basically (we couldnt even upload). So what should our general website folders be CHMOD'd to? 755? What's the standard? And what would you recommend for our clients folder? I think putting a password on it would be a good idea (i can remember how to do that with .htaccess i'm sure), but what should i CHMOD it to?

Thanks, i did look into it but no-one really says what the CHMOD should be as standard.

Dj_Jestar · 17 Jul 2009 at 09:51

If it's a publically accessible folder, I'd not want execute permissions on it. So 644. However if you have any CGI/CLI scripts, they'll need execute so 755. Depends on your setup.

Scam · 17 Jul 2009 at 11:52

So 644 for the client/uploads folder? Does that go for the rest of the site?

I'm assuming if i stick a .htaccess password on tghe whole clients folder then say we link them to clients/video.zip to download, it'll just prompt them for a username and password? :confused:

Dj_Jestar · 17 Jul 2009 at 11:54

only if the .htaccess has the authorisation rulezs specified of course.

I wouldn't rely on it for security though. You'll probably be ok, but it's not exactly fool proof.

Scam · 17 Jul 2009 at 13:11

Yep. They've not had any passwords on their client/upload folder as of now so i'm sure it'll be fine. Cheers.