We recommend setting permissions on files to 644, and folders to 755.
If 644 and 755 don't make sense, read on:
Permissions Overview
On a web server, files and folders are assigned "permissions" that specify who and what can view, modify, overwrite, delete, or launch them. The web server prevents or allows these operations based on who or what you are.
"Who" is usually controlled by authenticating yourself through logging in.
"What" is controlled by the level of security you've been granted on the server, for example: Admin, user, super-user, etc.
The super-nerds have condensed all these concepts into a simple statement, which can be expressed as a number, or with letters.
Example
755
rwxr-xr-x
Get a grip
The super-nerds decided to generalize "who" and "what" into three categories: User, Group, World. Likewise, they lumped all of the things you can do to a file or folder into three ideas: Read, Write, Execute.
Good nerds, now our permissions can easily be expressed through a combination of these 6 things.
People type stuff
User
The person or program who created the file.
Group
Things that have been assigned certain security levels (e.g. Programs on the system, or super-users)
World
Everyone and anything
Operation type stuff
Read
General "read only" type access, such as: View, open, and general access to the file data.
Write
Allows operations to be done on the file such as: Append, overwrite, delete, rename, save, and modify.
Execute
Allows the file to "run". Meaning that when the file is accessed, another program is launched to do something with the file.
For example, when a folder is accessed, the operating system needs to show the contents of the folder. Or when a PHP script is accessed, the server tells the PHP program (residing on the server) to process (or "run") the file.
What permission numbers and letters mean
Permissions are expressed with either a three-digit number or three clumps of 3 characters. Each digit or clump relates to the "people stuff", while the actual value relates to the "operation stuff".
For example, both 755 and rwxr-xr-x break down to provide permissions as follows:
owner: read, write, execute
group: read, execute
world: read, execute
Here's how they both break down:
         user  group  world
number:  7     5      5      expressed as: 755
clumps:  rwx   r-x    r-x    expressed as: rwxr-xr-x
Each letter has a special meaning
r = read
w = write
x = execute
- = none
Each number has a special meaning:
7 = read, write, execute
6 = read, write
5 = read, execute
4 = read
0 = [none]
NOTE: You can use either the number expression or the clump expression; it depends on your software's capabilities.
How to set permissions on your stuff
You can usually set permissions on files using an FTP program. Check the software's documentation on how to adjust permissions.
You may also be able to adjust permissions using your web site's control panel. Check the FAQs with your hosting provider for information on how to set permissions.
Important note on PHP files
On some web servers, if a PHP file has "write" permissions for "world", the file will get disabled completely, meaning that it won't run, nor will you be able to see the file from a web browser. You'll generally get an error message such as Error 500: Internal server error, or other similar error, or you'll simply see a blank page.
The reason PHP files are generally not allowed to have "write" permissions for "world" is that it's rather dangerous to allow folks to alter a PHP script that could potentially do major damage not only to your web site, but also to the server as well.
And one more thing...
Generally, web-based files, such as HTML, JavaScript, and JPG or PNG images, don't need "Execute" permissions, since these are "dumb" files. They're just raw data that don't "do" anything on the server. They are used to display stuff within the user's browser -- not on the server. However, if these files have the "Execute" applied, it won't hurt anything because, well, they don't "do" anything.
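To check a site against the 644/755 recommendation and the world-writable PHP warning above, here is an added example (not part of the original page) that walks a folder and reports every file or folder whose permissions differ, showing both the number and the letter form. The sample file names and modes are constructed for the demo, and it assumes a Unix-style server.

```python
import os
import stat
import tempfile

FILE_MODE = 0o644  # the page's recommendation for files
DIR_MODE = 0o755   # the page's recommendation for folders


def audit(root):
    """Return (relative path, number, letters, reason) for each entry not at 644/755."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not what gets enforced
            mode = stat.S_IMODE(st.st_mode)
            expected = DIR_MODE if stat.S_ISDIR(st.st_mode) else FILE_MODE
            if mode == expected:
                continue
            if mode & stat.S_IWOTH:
                reason = "world-writable"          # "write" granted to "world"
            elif mode & ~expected:
                reason = "extra permissions"       # e.g. execute on a plain file
            else:
                reason = "stricter than recommended"
            letters = stat.filemode(st.st_mode)[1:]  # drop the file-type character
            findings.append((os.path.relpath(path, root), f"{mode:03o}", letters, reason))
    return findings


def build_sample_tree(root):
    """Constructed sample web root; names and modes are made up for the demo."""
    samples = {"index.html": 0o644, "upload.php": 0o666,
               "logo.png": 0o755, "config.php": 0o600}
    for name, mode in samples.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)  # chmod sets the exact mode regardless of umask
    os.mkdir(os.path.join(root, "cache"))
    os.chmod(os.path.join(root, "cache"), 0o777)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as webroot:
        build_sample_tree(webroot)
        for rel, number, letters, reason in audit(webroot):
            print(f"{number} {letters} {rel}: {reason}")
```

Point `audit()` at your own web root to get the same report for real files; anything listed as world-writable is the first thing to reset to 644 or 755.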