For WP it’s recommended to chmod directories 755 and files 644 for “hardening” purposes.

Does the same advice apply to bbP, and would using that scheme break anything?

[Sam BauersParticipant @sambauers 5 years ago]

It depends on your webserver setup, but generally that sounds OK

You might want to further restrict your config file if you are on a shared host.

[_ck_Participant @_ck_ 5 years ago]

Note that 755/644 is a false sense of security.

I can write a file in any directory regardless of permissions on a server with posix support (any linux server) by being able to switch the PHP username to yours. However, Safe Mode and/or Open_base_dir will prevent the posix trick from working (unless of course the code is executing from your own directory)