1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

the 777 problem

Discussion in 'Security' started by amanpeet, Aug 12, 2007.

  1. #1
    I faced this two times. I got warnings from paypal and a canadian bank as hackers used the 777 folder permission to upload files to my hosting.

    Due to the hacking idiots who are good for nothing, I had to answer to the foolish queries of ixwebsosting so called professional people. Who kept my site shut for almost 3 days.

    At other one that is jaguarpc.com ot was much better. They told me to just remove the files which hackers placed and they will put the website back on track.
    SEMrush
    So be aware of these idiot childish hackers who use such baby exploits for just hacking bank accounts etc. Which these people even can't use.
     
    amanpeet, Aug 12, 2007 IP
    SEMrush
  2. powerspike

    powerspike Peon

    Messages:
    312
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #2
    having 777 ... well that's debatable if it's good or not...

    BUT having 777 and allowing script execution is a very bad thing, it allows people to do stuff, if done right, they could fully compimize your website users using xss and other varision attacks, if you have to have 777 i would suggestion you set the folder to throw out all files as text only (non parsed) or not allow public access to the folders.
     
    powerspike, Aug 12, 2007 IP
  3. CodyRo

    CodyRo Peon

    Messages:
    365
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    0
    #3
    There is no debate there, it should never be 777 unless it's a temporary thing for a install.

    At the very highest it should be 744 (Owner: Read,Write,Execute, Group/Other: Read).. or if possible 644.
     
    CodyRo, Aug 12, 2007 IP
  4. amanpeet

    amanpeet Peon

    Messages:
    94
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    In my opinion only files must have 777 permission that also if necessary. Folders must never be changed to the 777 permission unless it is a cache one.
     
    amanpeet, Aug 13, 2007 IP