Skip to:
Content
Pages
Categories
Search
Top
Bottom

Hardening with file permissions?

  • For WP it’s recommended to chmod directories 755 and files 644 for “hardening” purposes.

    Does the same advice apply to bbP, and would using that scheme break anything?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Sam Bauers
    Participant

    @sambauers

    It depends on your webserver setup, but generally that sounds OK

    You might want to further restrict your config file if you are on a shared host.


    _ck_
    Participant

    @_ck_

    Note that 755/644 is a false sense of security.

    I can write a file in any directory regardless of permissions on a server with posix support (any linux server) by being able to switch the PHP username to yours. However, Safe Mode and/or Open_base_dir will prevent the posix trick from working (unless of course the code is executing from your own directory)

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.