1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

wordpress permissions

Discussion in 'WordPress' started by jacksmith, Aug 16, 2006.

  1. #1
    Hi guys,

    I recently started a wordpress blog. Now by default various wordpress directories and files like .htaccess on my hosting account have 644 permission and hence the server is unable to make changes to it. Of course I can change the permission to 666 and change it back to 644 after the server has written to it, but just want to know what is the general practice? do people just change it to 666 and leave it like that or does it have a security issue?

    thanks
    SEMrush
    jack
     
    jacksmith, Aug 16, 2006 IP
    SEMrush
  2. tflight

    tflight Peon

    Messages:
    617
    Likes Received:
    38
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Ultimately it depends on the setup of your hosting environment, but I would certainly change it back to 644 to be safe. 666 potentially means that any user on that server could change the contents of that file.
     
    tflight, Aug 16, 2006 IP
    jacksmith likes this.
  3. jacksmith

    jacksmith Peon

    Messages:
    1,013
    Likes Received:
    27
    Best Answers:
    0
    Trophy Points:
    0
    #3
    yes, thats what i thougt, afterall its a shared server! but since i am new to wordpress and like to experiment alot so its kind of annoying to change it every time i have to make some modifications.

    thanks for the reply tflight
     
    jacksmith, Aug 16, 2006 IP
  4. tflight

    tflight Peon

    Messages:
    617
    Likes Received:
    38
    Best Answers:
    0
    Trophy Points:
    0
    #4
    There is another way some hosts handle this. The host could setup a new group and put in the group your user account and the user that the http server runs as (commonly www or similar). Then you can set the permissions on the file to 664 meaning that the owner and anyone else in the same group can read and write to the file, but nobody else can. This prevents "everyone" from having write access to the file while still allowing the http process to write to the file when it needs to.

    Most hosts don't do this, however I've seen some that will set this up upon request. Not many... but some.
     
    tflight, Aug 16, 2006 IP
  5. jacksmith

    jacksmith Peon

    Messages:
    1,013
    Likes Received:
    27
    Best Answers:
    0
    Trophy Points:
    0
    #5
    hmm.. let me check my host's forum/ maybe i would find something similar there, if not then would post for request.

    thanks again
     
    jacksmith, Aug 16, 2006 IP