Security - php file permissions on shared hosting
What file permissions should i set for a php website's files and folders running on a shared hosting plan on an apache server?
When I run <?php echo exec('whoami'); ?> it gives me a username (customized username, not one of your default/normal usernames on apache) that is the actual name of the site minus the .com extension.
There are also a couple of folders where users upload images etc. so they need to be writable while being safe.
What should the permissions be so that the site runs smoothly while also being safe from any kind of hack attacks?
What should the permissions be for a .htaccess file?
What file permissions should i set for a php website's files and folders running on a shared hosting plan on an apache server?
When I run <?php echo exec('whoami'); ?> it gives me a username (customized username, not one of your default/normal usernames on apache) that is the actual name of the site minus the .com extension.
There are also a couple of folders where users upload images etc. so they need to be writable while being safe.
What should the permissions be so that the site runs smoothly while also being safe from any kind of hack attacks?
What should the permissions be for a .htaccess file?
No comments:
Post a Comment