Differences

This shows you the differences between two versions of the page.

--- linux:joomla_file_permissions [2017/11/28 09:20]
admin created
+++ linux:joomla_file_permissions [2017/11/28 09:28] (current)
admin
@@ Line 2: / Line 2: @@
+This is very dangerous to have all Joomla! files and directories writable for webserver.
+If any bug in Joomla! or in some extension, the attacker will be able to remove/change/delete any file through the random exploit (utilizing the bug in PHP code).
+Instead of this, all files should be only readable by web server (ie: owner should be root or the normal user you have) and all permission sould be 755 for directories and 644 for files.
+Only the cache directory should by writable by www server (if you use caching).
+So something like this should be performed for whole Joomla directory (for Ubuntu & spol.):
+<code bash>
+ cd /var/www/whatever-your-joomla-root-dir-is
+ find . -type f -exec chmod 644 {} \;
+ find . -type d -exec chmod 755 {} \;
+ chown -R www-data:www-data
+</code>
+Meybe can be changed permissions for cache and tmp in joomla directory:
+<code bash>
+chmod -R o+w tmp
+chmod -R o+w cache
+</code>
+You may need to change directories with extensions or templates the same way as cache directory only for the time you installing/removing one of them and then change ownership back.
+For Fedora, CentOS, RHEL, Scientific Linux etc. command should be:
+<code bash>
+chown -R apache .
+</code>
+Instead of changing ownership (this could be done as root only) you may just enable write permission for others by this command (and later revert back by passing o-w to the same command):
+<code bash>
+chmod -R o+w cache
+</code>

ACIM Personal Knowledgebase

User Tools

Site Tools

Differences

Page Tools