1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Securing my Webspace

Discussion in 'Security' started by pkallberg21, Aug 3, 2007.

  1. #1
    I currently have a website at a shared hosting company, and I am able to enter other users webspace. I would therefore like to secure my webspace so that other FTP users are not able to enter my webspace and view php files.

    I contacted my host regarding this, and they told me to chmod php files to 644 and the katalog? to 711. Is this correct? I do not want to make a mistake doing this so that I loose access to my files.

    Thankful for any help:)
    SEMrush
     
    pkallberg21, Aug 3, 2007 IP
    SEMrush
  2. cyanide

    cyanide Peon

    Messages:
    483
    Likes Received:
    26
    Best Answers:
    0
    Trophy Points:
    0
    #2
    What does this mean?
    That does not sound good at all, and you shouldn't have to secure yourself from that. It should already be like that.
     
    cyanide, Aug 3, 2007 IP
  3. pkallberg21

    pkallberg21 Peon

    Messages:
    295
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #3
    That is what I thought, but my web host is pretty famous where I come from so I'm just going to accept it. How can I solve this?
     
    pkallberg21, Aug 3, 2007 IP
  4. Kommunicate

    Kommunicate Peon

    Messages:
    60
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I prefer 640 than 644. Do you really want everyone to have read access to your files? 711 will give you full permissions and give the everyone else execute permissions. Either way, you wont lose access to your files.

    FTP users shouldn't be able to walk the filesystem if your host has taken the necessary precautions like chroot the environment for every FTP session.
     
    Kommunicate, Aug 3, 2007 IP
  5. pkallberg21

    pkallberg21 Peon

    Messages:
    295
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Ok, so if I chmod the whole folder that my vBulletin installation is in to 640 will that block any unwanted guests through the ftp server? Can you recommend any good Windows ftp client that has good chmod functions? I currently use smartftp, but I feel something is missing...

    Thanks.
     
    pkallberg21, Aug 3, 2007 IP
  6. Kommunicate

    Kommunicate Peon

    Messages:
    60
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Yes, you should be fine. But before you go and chmod your entire vBulletin directory, create a new directory try out the permissions first. Better safe than sorry. :)

    Personally, i use FileZilla. Works fine for me.
     
    Kommunicate, Aug 3, 2007 IP
  7. pkallberg21

    pkallberg21 Peon

    Messages:
    295
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Ok smart ;) How would I try out the permissions? Wouldn't I need another account to try that out?
     
    pkallberg21, Aug 3, 2007 IP
  8. Kommunicate

    Kommunicate Peon

    Messages:
    60
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #8
    To really make sure no other users cant access those directories, you would need to test from another account. But if you cant browse to other users folders on the server, you "should" be ok. Nothing is ever 100% when it comes to security though.
     
    Kommunicate, Aug 3, 2007 IP
  9. pkallberg21

    pkallberg21 Peon

    Messages:
    295
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #9
    Ok I have requested a test user account so I can test permissions. I can browse into a few user folders on the server, but others are blocked. I'll see how it goes with the test account then, and get back.

    Thanks for you're help Kommunicate. You are really helping me out today :)
     
    pkallberg21, Aug 3, 2007 IP
  10. Kommunicate

    Kommunicate Peon

    Messages:
    60
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Great. Glad i could help.
     
    Kommunicate, Aug 3, 2007 IP
  11. HBK216

    HBK216 Well-Known Member

    Messages:
    91
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    100
    #11
    Good luck on your testing. However don't just accept such lax security because they are famous in your area. I would consider a new host if that is possible.
     
    HBK216, Aug 4, 2007 IP
  12. inworx

    inworx Peon

    Messages:
    4,862
    Likes Received:
    201
    Best Answers:
    0
    Trophy Points:
    0
    #12
    I'd recommend change your web host.
     
    inworx, Aug 5, 2007 IP
  13. citruscommerce

    citruscommerce Peon

    Messages:
    917
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    0
    #13
    Def. that should be a basic security measure that they have in place.
     
    citruscommerce, Aug 5, 2007 IP
  14. pkallberg21

    pkallberg21 Peon

    Messages:
    295
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #14
    I solved my problem. Thanks for everyone's help :)
     
    pkallberg21, Aug 6, 2007 IP