Results 1 to 19 of 19
  1. #1
    Join Date
    Jun 2004
    Posts
    197

    is it safe to chmod your public_html folder to 777?

    I;m using a script that generates google sitemaps automatically and google requires the resulting XML file be placed in the site root. for the script to do this I need to make my public_html folder 777

    the files and other folders are still locked down but does opening up the root pose any spcific security risks?

  2. #2
    Join Date
    Jun 2006
    Posts
    1,765
    no, doing this would let scripts create files and folders, edit files and folders etc in the public_html directory. Thats all.

  3. #3
    Join Date
    Jun 2002
    Location
    Waco, TX
    Posts
    5,292
    NOt really that's all, 777 is the best friend of hackers and defacers worldwide, they look for folders chmod'ed to 777 so they can run all kinds of little "tools"

  4. #4
    Join Date
    Dec 2003
    Location
    Fairfax, Virginia
    Posts
    6,835
    777 is stupid stupid stupid.

  5. #5
    Join Date
    Mar 2004
    Location
    USA
    Posts
    4,342
    always keep you 777 folders and files below public_html and you would be safe (well it depends on the coding)

    Peace,
    Testing 1.. Testing 1..2.. Testing 1..2..3...

  6. #6
    Join Date
    May 2005
    Location
    Planet Earth
    Posts
    813
    It really depends on what you're planning to do with such directory/file.

    G
    PutFile.io Disrupting traditional file hosting.
    █ Signup Early and enjoy Unlimited space/bandwidth for your files hosting, Forever!
    █ No Ads.
    █ No Countdowns.

  7. #7
    Join Date
    Oct 2001
    Location
    South England
    Posts
    1,121
    There's no reason to make it 777 as far as I can think of.

  8. #8
    Join Date
    Mar 2004
    Location
    USA
    Posts
    4,342
    Quote Originally Posted by Koopa
    There's no reason to make it 777 as far as I can think of.
    Many reasons:

    * File upload
    * Setup requirements

    etc..

    Peace,
    Testing 1.. Testing 1..2.. Testing 1..2..3...

  9. #9
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    You could run php in suexec mode. That would lift the 777 chmod requirement.

  10. #10
    Join Date
    Feb 2003
    Location
    Jonesboro, AR
    Posts
    351
    777 is definitely not a smart thing to keep files CHMOD'ed as, regardless of if they're in your public_html "folder" or not. I'd follow ub3r's advice and go with a PHPsuexec setup if possible.
    Michael Chase
    Clear-Data Internet Services - Inexpensive website, reseller, and game server hosting.

  11. #11
    Join Date
    Oct 2002
    Location
    Canada
    Posts
    3,100

    Re: is it safe to chmod your public_html folder to 777?

    Yes, it is safe as far as public_html is on your USB key chain. On shared server it is bad idea. If you do not have suexec you allow everyone who has $5 account on that server all the access to all of your files and data. They could just for fun change your webiste every Tuesday and that is the least they could do. Only situation where this could work is if you are the only one with the access to the server and if you have absolute confidence in all of the server software and site coding. Based on the question you are asking, I dare say that that might not be the case.

  12. #12
    Join Date
    Mar 2004
    Location
    USA
    Posts
    4,342
    I always keep my files below public_html, and since I am not on a shared server, I am fine.

    True if you are on a shared server with safe mode off, then its not a good thing to do.

    Peace,
    Testing 1.. Testing 1..2.. Testing 1..2..3...

  13. #13
    Join Date
    Jul 2004
    Location
    Texas
    Posts
    687
    Quote Originally Posted by SniperDevil
    777 is stupid stupid stupid.
    What a nice thing for me to remember

  14. #14
    Mind me asking whats the best chmod number to use on the html folder for a site that just contains html pages with no extra whistles?

  15. #15
    Join Date
    Jan 2005
    Location
    Darwin, Australia
    Posts
    1,333
    Quote Originally Posted by SEOIreland
    Mind me asking whats the best chmod number to use on the html folder for a site that just contains html pages with no extra whistles?
    I'd go with 750
    Graham Craig

    "IT'S NOT HOW GOOD YOU ARE, IT'S HOW BAD YOU WANT IT."

  16. #16
    Join Date
    Oct 2001
    Location
    South England
    Posts
    1,121
    Quote Originally Posted by azizny
    Many reasons:

    * File upload
    * Setup requirements

    etc..

    Peace,
    The public_html folder?

  17. #17
    Join Date
    Jun 2006
    Posts
    58

  18. #18
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    Quote Originally Posted by SEOIreland
    Mind me asking whats the best chmod number to use on the html folder for a site that just contains html pages with no extra whistles?
    751 has been pretty good for me.

  19. #19
    Depends if it's permanent or not.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •