Page 1 of 1

Directory Permissions

Posted: Sat Nov 10, 2007 1:30 am
by whitebirch
For me to work on my site it seems I need Directory Permissions to be set to 777 on the directories I see in the Joomla Info.  Do I need to set these back to 744 when I am done working? 

Re: Directory Permissions

Posted: Sat Nov 10, 2007 1:38 am
by whitebirch
It also seems that when I install an extension it wants its own directories to be open....  Isn't this a security issue?  I went to install extplorer and I had to open Joomla's directories and now I need to open extplorer's folders/files.  Do I really have to go back and close all these files/folders when I am done?  My ISP can do it via scripting, but I can't request every time I am done working.

Re: Directory Permissions

Posted: Sat Nov 10, 2007 1:58 am
by whitebirch
And I noticed In the "back end" Administration view, go to Site --> Global Configuration --> Server doesn't exist in 1.5

Re: Directory Permissions

Posted: Sat Nov 10, 2007 2:12 am
by RussW
Please review the following FAQ's ASAP, you will find a wealth of information related to your issues.

  Security & Performance FAQ

The above mentioned FAQ will provide with more than enough information to assist you in further securing your sites.

Particular entries of note and to pay attention to, are;

  Joomla! Administrator's Security Checklist

  Joomla! Tools Suite
  How can I check my Joomla! installation's overall security and health?

  What does Joomla! have to do with file permissions?

Re: Directory Permissions

Posted: Sat Nov 10, 2007 4:46 am
by whitebirch
Hmmm. I appreciate the reply, but I have read all that and every time I post a security question you post those links.  I am running 1.5 so the Joomla Tools Suite is not applicable... Am I correct? I don't read anything about why the change back to 744 when complete like 1.x had.

Re: Directory Permissions

Posted: Sat Nov 10, 2007 4:59 am
by RussW
Server permissions are server permissions, regardless of Joomla! release installed.....  777 is wide open, anything less than that does not expose the server in quite the same way or quite as much. If you have read all the security information then hopefully you have a grasp on permissions and how they work, what they are for.....


There is now a JTS component that works with J! 1.5 but not the stand-alone version yet, this can be found on the Extension Site and on the JoomlaCode site, there is also a running thread for discussion regarding JTS.

The reason why I post "all those links" is because they answer many of the questions people have regarding Security, Permissions and Performance.

The default permissions in "most" Unix based Operating Systems that are considered "sane" and "normal" are

  Directories = 755  (not 744, this can cause some issues with search and mambots especially)
  Files        = 644

"Writable" means different things to different server configurations, thus can be anywhere from 750 through 777 for directories and 650 through 777 for files.

Re: Directory Permissions

Posted: Sat Nov 10, 2007 5:21 am
by whitebirch
But Joomla says it needs 777 to be writable.  If I set it to 755 it isn't reading as writable.  I'll check out that JTS.... thanks for the fast reply.

Re: Directory Permissions

Posted: Sat Nov 10, 2007 1:15 pm
by RussW
The Joomla! Installation WbUI and the System Information states "writable" not 777....  The exact mode required (anywhere between 755 and 777) depends on your servers configuration.

The fact that Joomla! only reports writable when you set 777 is due to your hosts chosen method of configuring their server.  If the host had phpSuExec installed then you would only need 755, and with suExec installed , you actually wouldn't be able to set 777 without the site erroring.

Re: Directory Permissions

Posted: Thu Nov 15, 2007 7:26 am
by publipoint
RussW wrote: The Joomla! Installation WbUI and the System Information states "writable" not 777....  The exact mode required (anywhere between 755 and 777) depends on your servers configuration.

The fact that Joomla! only reports writable when you set 777 is due to your hosts chosen method of configuring their server.  If the host had phpSuExec installed then you would only need 755, and with suExec installed , you actually wouldn't be able to set 777 without the site erroring.
Hi there!
Please let me post my own question regarding 777. With our host, we need to chmod folders 777 to install Joomla!. With 755, directories aren't writable. Can we chmod back to 755 after installing?

Re: Directory Permissions

Posted: Thu Nov 15, 2007 7:52 am
by RussW
Yes you can chmod directories back to 755 following installation, but do remember, that some functions in Joomla! require "writable" (which in your case unfortnately does mean 777) So if you wish to be able to upload images to the images directory or install extensions randomly, then these directories need to be be writable, but following the upload or extension intallation you can reset them back to 755 again.

Its just a matter of Administration overhead.

Re: Directory Permissions

Posted: Thu Nov 15, 2007 8:39 am
by publipoint
RussW wrote: Yes you can chmod directories back to 755 following installation, but do remember, that some functions in Joomla! require "writable" (which in your case unfortnately does mean 777) So if you wish to be able to upload images to the images directory or install extensions randomly, then these directories need to be be writable, but following the upload or extension intallation you can reset them back to 755 again.

Its just a matter of Administration overhead.
Thanks! Do you think we are under hacking risk, with this setup?

Re: Directory Permissions

Posted: Thu Nov 15, 2007 10:43 am
by RussW
No more or less than any one else,  there are always inherant security weaknesses in any server, configuraiton or software.

Please also review the Forum Rules and correct your signature.

Re: Directory Permissions

Posted: Fri Nov 16, 2007 5:41 am
by marjinalhakan
hi..

Joomla at the housing estate the security rate escapes against the attacks 8)

Work besides the everybody thankings ;)

Re: Directory Permissions

Posted: Sun Nov 25, 2007 4:10 am
by Gerbs
Using Joomla 1.5, what is the easiest way to set file permissions to 644 and directory permissions to 755?  Is sounds like the old version of Joomla had this capability on the server tab, but I don't see anything like this in Joomla 1.5. 

Re: Directory Permissions

Posted: Sun Nov 25, 2007 4:53 am
by muddauber
Thanks RussW, the information helps me with some troublesome work I have had
with Joomla installs on a BSD system (PAIR.COM) They do not allow
SuEXEC and require an install of a PHP CGI-Wrap script.

When I installed that my Joomla install now says I have my
Global set wrong and the Magic_quotes set wrong, even though
I added the required lines in my .htaccess file.

With these kind of issues, and the above questions related to
requiring to have files remain at 777, would you recommend going
to a more Joomla-Friendly environment?

Every time I install a module or component, the server sets the
owner to "nobody" and I can NOT modify or remove the file without
calling tech support.