Hi,
I'd like to allow a script on my server to upload files to the server, and for the public to view the files.
However, I don't want the public to be able to write files to that folder.
What CHMOD value would I use to achieve this?
Many thanks.
| SitePoint Sponsor |
Hi,
I'd like to allow a script on my server to upload files to the server, and for the public to view the files.
However, I don't want the public to be able to write files to that folder.
What CHMOD value would I use to achieve this?
Many thanks.
Let me rephrase that:
"I want people to be able to write to a folder, but I don't want people to be able to write to that folder".
Sounds like a deadlock to me ...
Anyone else?
Rémon - Hosting Advisor
Minimal Bookmarks Tree
My Google Chrome extension: browsing bookmarks made easy
Eeeek. My apolgies.
I want my script on my server to be able to write files to the folder.
But I don't want scripts, not on the server, to write to it.
Also, what would be the safest CHMOD value to give, if I just wanted to FTP my files to the server and let public view them?
644, given the FTP uploader is the owner of the file(s).Originally Posted by invision2
Last edited by ScallioXTX; Jan 6, 2010 at 11:52. Reason: Not 755, but 644
Rémon - Hosting Advisor
Minimal Bookmarks Tree
My Google Chrome extension: browsing bookmarks made easy
Cool.
And 755 wouldn't allow "outsiders" to write files?
I meant 644, and yes, that wouldn't allow outsiders to write the files.
Rémon - Hosting Advisor
Minimal Bookmarks Tree
My Google Chrome extension: browsing bookmarks made easy
Aaaah, OK.
It's strange though, as I've made one directory '644' and now I get a 'Forbidden' message when I try to view it(?)
Is that supposed to be the case?
Wait ...
It's a directory, not a file /desk ...
Try 755 for directories and 644 for files ...
Rémon - Hosting Advisor
Minimal Bookmarks Tree
My Google Chrome extension: browsing bookmarks made easy
Yes, a directory.
755 for directories, 644 files. Sounds good.
Many thanks for your help with this. It was so close to dinner, I wasn't making any sense
I think our site got brut3 forc3d hitI've a feeling they got into the administration directory and uploaded a maliscious file to one of my other folders
That's why I was hoping to quash it if possible.
So 755 will only allow people to upload files, using a script on my server?
Oh, and if I had super secure scripts(like db connection ones), would I keep these out of the root?
Thanks again for all your help.
Posting Permissions
Bookmarks