Core Permissions using Virtual Host / Synology
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Core Permissions using Virtual Host / Synology
Dear Joomla forum,
I still have problems with the Core Folder Permissions with Joomla.
See my topics from april 05 and March. It was said that this never should be '777' but '755' with full control for administrator. If one installs the web-package delivered by Synology this works perfect and the FPA tool it lists '0755' 'writable'.
Unfortunately it is installed with a fix (outdated) PHP-7.4 version and only one website can be created.
It is possible to create websites using Synologies 'Virtual Host' where you can select PHP-version 8.x
This works great except I don't see a way to get correct Core Permissions. The best I can get is '0777' 'writable'.
I start as administrator with Full Control and during Joomla Installation a http user with only READ control is created. But Installation is possible, the FPA tools lists: '0755' 'not writable' and the configuration.php must be created manually, what I've done.
Leaving all this it is impossible to use kickstart and import the production database.
Changing the READ control into READ & WRITE (0777 - writable) makes eveything possible.
After a full installation I tried to correct the permission but as soon as I touch the 0777 the 'writable' turns into 'unwritable'. However the properties using PuTTY looks correct. I tried 0777, 0755, 0775 and 0757...
Does anyone has suggestion how to correct the right permissions?
I want to be sure to start correctly for migrating the 3.10.10 version to 4.x
Thank a lot for all your suggestions!
Richard
I still have problems with the Core Folder Permissions with Joomla.
See my topics from april 05 and March. It was said that this never should be '777' but '755' with full control for administrator. If one installs the web-package delivered by Synology this works perfect and the FPA tool it lists '0755' 'writable'.
Unfortunately it is installed with a fix (outdated) PHP-7.4 version and only one website can be created.
It is possible to create websites using Synologies 'Virtual Host' where you can select PHP-version 8.x
This works great except I don't see a way to get correct Core Permissions. The best I can get is '0777' 'writable'.
I start as administrator with Full Control and during Joomla Installation a http user with only READ control is created. But Installation is possible, the FPA tools lists: '0755' 'not writable' and the configuration.php must be created manually, what I've done.
Leaving all this it is impossible to use kickstart and import the production database.
Changing the READ control into READ & WRITE (0777 - writable) makes eveything possible.
After a full installation I tried to correct the permission but as soon as I touch the 0777 the 'writable' turns into 'unwritable'. However the properties using PuTTY looks correct. I tried 0777, 0755, 0775 and 0757...
Does anyone has suggestion how to correct the right permissions?
I want to be sure to start correctly for migrating the 3.10.10 version to 4.x
Thank a lot for all your suggestions!
Richard
- leolam
- Joomla! Master
- Posts: 20631
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Core Permissions using Virtual Host / Synology
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
Whow great Leo!
That's new, I'll test it out in the near future... and keep you posted!
Thanks,
Richard
That's new, I'll test it out in the near future... and keep you posted!
Thanks,
Richard
- Per Yngve Berg
- Joomla! Master
- Posts: 30771
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Core Permissions using Virtual Host / Synology
What Web Server to PHP Interface are you using?
Use a Switching User Interface like "fcgi" or "php-fpm". Do not use ApacheHandler.
To be safe from cross contamination if one site gets hacked, use a separate Linux User for each Site.
Use a Switching User Interface like "fcgi" or "php-fpm". Do not use ApacheHandler.
To be safe from cross contamination if one site gets hacked, use a separate Linux User for each Site.
- Webdongle
- Joomla! Master
- Posts: 43980
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Core Permissions using Virtual Host / Synology
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
@Leo: unfortunately this didn't solve the problem as I couldn't change the properties either.
@Per: Thank you for your suggestion and it might be a solution...
I use WebStation / Virtual Host on a latest version Synology NAS.
First thing I do is creating a sub-folder in a shared web folder with full administrator rights.
Then I copy / unpack the Joomla archive using Synology File Station.
Next I create a Virtual Host and I think that wrong /uncomplete credentials are made upon creation.
Only one user http is created with only 'read permission' which is good but I think something more is missing.
After setting up the Virtual Host I have to set the http user to 'read & write' in order to make install, import, migration,... possitble.
Anyway... I can do everything, even migrating to Joomla 4.1.5
Installing the Synology service package passes with the correct Folder Properties but a fixed joomla version 3.10.3 with php 7.4 is installed.
Unfortunately PHP 7.4 cannot be upgraded an only one website can be made.
The HTTP back-end server used is Apache HTTP server 2.4 and the PHP version is 8.0.17.
I think Synology offers the use another back-end server but I need to test and try this.
Until this problem is not solved I will not put this website online.
I'm so sorry but my knowledge is as a simple user limited and I don't understand anything about Switching Users Interface, but I'll search on Internet :--)
With kindest regards from hot Belgium!
@Per: Thank you for your suggestion and it might be a solution...
I use WebStation / Virtual Host on a latest version Synology NAS.
First thing I do is creating a sub-folder in a shared web folder with full administrator rights.
Then I copy / unpack the Joomla archive using Synology File Station.
Next I create a Virtual Host and I think that wrong /uncomplete credentials are made upon creation.
Only one user http is created with only 'read permission' which is good but I think something more is missing.
After setting up the Virtual Host I have to set the http user to 'read & write' in order to make install, import, migration,... possitble.
Anyway... I can do everything, even migrating to Joomla 4.1.5
Installing the Synology service package passes with the correct Folder Properties but a fixed joomla version 3.10.3 with php 7.4 is installed.
Unfortunately PHP 7.4 cannot be upgraded an only one website can be made.
The HTTP back-end server used is Apache HTTP server 2.4 and the PHP version is 8.0.17.
I think Synology offers the use another back-end server but I need to test and try this.
Until this problem is not solved I will not put this website online.
I'm so sorry but my knowledge is as a simple user limited and I don't understand anything about Switching Users Interface, but I'll search on Internet :--)
With kindest regards from hot Belgium!
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
@Per: I made an successful installation using Nginx as HTTP Back-end server but this gave the same result.
- Per Yngve Berg
- Joomla! Master
- Posts: 30771
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Core Permissions using Virtual Host / Synology
https://docs.joomla.org/Nginx
Please post your FPA Report, so we can review your server Configuration.
See red frame above.
Please post your FPA Report, so we can review your server Configuration.
See red frame above.
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
I'll sent you some FPA-reports by email Per...
Hopefully it arrives in Norway :--)
Hopefully it arrives in Norway :--)
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
A new successfull installation (Joomla 4.2.0) on a web host server in a subdomain using Softaculous Auto Installer showed the same problem with Core Permissions.
However, here the Akeeba Admin Tool solved the problem and corrected the Core Permissions.
Anyway, I may be wrong but I think this is a serious security problem somewhere...
Thanks Per for directing me to the Akeeba Admin Tool !
However, here the Akeeba Admin Tool solved the problem and corrected the Core Permissions.
Anyway, I may be wrong but I think this is a serious security problem somewhere...
Thanks Per for directing me to the Akeeba Admin Tool !
- Per Yngve Berg
- Joomla! Master
- Posts: 30771
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Core Permissions using Virtual Host / Synology
I didn't receive any FPA. You should post it in the forum. It needs to be to be readable anyway.
- Webdongle
- Joomla! Master
- Posts: 43980
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Core Permissions using Virtual Host / Synology
Is the web host server managed or are you managing it (installing/managing the server software)?
For a remote Hosting server best unpack the Joomla full package in the desired folder and point your browser to it. Quickstart packages have several issues especially when it comes to updating Joomla.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
@Per:
This is the FPA from the test environment I use to update the migrated Joomla.
I tried with Nginx but it gave exactly the same results.
I deleteted the database but I do have the FPA as PDF-files.
@Webdongle:
The new joomla 4.2.0 version is installed on managed web hosted server.
Can I import with kickstart a Joomla 4.1.5 version into it?
This is the FPA from the test environment I use to update the migrated Joomla.
I tried with Nginx but it gave exactly the same results.
I deleteted the database but I do have the FPA as PDF-files.
@Webdongle:
The new joomla 4.2.0 version is installed on managed web hosted server.
Can I import with kickstart a Joomla 4.1.5 version into it?
Forum Post Assistant (v1.6.5) : 21-Aug-2022 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 4.1.5-Stable (Kuamini) 21-June-2022
Joomla! Configured :: Yes | Writable (666) |
Configuration Options :: Offline: false | SEF: true | SEF Suffix: false | SEF ReWrite: false | .htaccess/web.config: No | GZip: false | Cache: false | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: false | FTP Layer: N/A | Proxy: false | LiveSite: | Session lifetime: 30 | Session handler: database | Shared sessions: false | SSL: 0 | Error Reporting: maximum | Site Debug: false | Language Debug: false | Default Access: Public | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 4.1.5: Yes | Database Supports J! 4.1.5: Yes | Database Credentials Present: Yes |
Host Configuration :: OS: Linux | OS Version: 3.10.108 | Technology: x86_64 | Web Server: Apache/2.4.51 (Unix) | Encoding: gzip, deflate, br | System TMP Writable: Yes | Free Disk Space : 3566.58 GiB |
PHP Configuration :: Version: 8.0.17 | PHP API: fpm-fcgi | Session Path Writable: Yes | Display Errors: 0 | Error Reporting: 22519 | Log Errors To: | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Allow url fopen: 1 | Open Base: | Uploads: 1 | Max. Upload Size: 32M | Max. POST Size: 32M | Max. Input Time: 60 | Max. Execution Time: 240 | Memory Limit: 128M
Database Configuration :: Version: 10.3.32-MariaDB (Client:mysqlnd 8.0.17) | Database Size: 30.87 MiB | #of Tables with config prefix: 91 | #of other Tables: 401 | User Privileges : GRANT PROXYDetailed Environment :: wrote:PHP Extensions :: Core (8.0.17) | date (8.0.17) | libxml (8.0.17) | pcre (8.0.17) | ctype (8.0.17) | dom (20031129) | fileinfo (8.0.17) | filter (8.0.17) | hash (8.0.17) | json (8.0.17) | mbstring (8.0.17) | pcntl (8.0.17) | SPL (8.0.17) | PDO (8.0.17) | readline (8.0.17) | Reflection (8.0.17) | session (8.0.17) | SimpleXML (8.0.17) | standard (8.0.17) | tokenizer (8.0.17) | xml (8.0.17) | xmlreader (8.0.17) | xmlwriter (8.0.17) | mysqlnd (mysqlnd 8.0.17) | cgi-fcgi (8.0.17) | apcu (5.1.21) | bcmath (8.0.17) | bz2 (8.0.17) | curl (8.0.17) | gd (8.0.17) | iconv (8.0.17) | intl (8.0.17) | ldap (8.0.17) | mysqli (8.0.17) | openssl (8.0.17) | pdo_mysql (8.0.17) | pdo_sqlite (8.0.17) | zlib (8.0.17) | posix (8.0.17) | soap (8.0.17) | sockets (8.0.17) | sqlite3 (8.0.17) | xsl (8.0.17) | zip (1.19.5) | Phar (8.0.17) | Zend OPcache (8.0.17) | Zend Engine (4.0.17) |
Potential Missing Extensions ::
Switch User Environment :: PHP CGI: No | Server SU: No | PHP SU: No | Potential Ownership Issues: NoFolder Permissions :: wrote:Core Folders :: images/ (777) | components/ (777) | modules/ (777) | plugins/ (777) | language/ (777) | templates/ (777) | cache/ (777) | logs/ (---) | tmp/ (777) | administrator/components/ (777) | administrator/modules/ (777) | administrator/language/ (777) | administrator/templates/ (777) | administrator/logs/ (777) |
Elevated Permissions (First 10) :: administrator/ (777) | administrator/cache/ (777) | administrator/components/ (777) | administrator/components/com_actionlogs/ (777) | administrator/components/com_actionlogs/forms/ (777) | administrator/components/com_actionlogs/services/ (777) | administrator/components/com_actionlogs/src/ (777) | administrator/components/com_actionlogs/src/Controller/ (777) | administrator/components/com_actionlogs/src/Field/ (777) | administrator/components/com_actionlogs/src/Helper/ (777) |Database Information :: wrote:Database statistics :: Uptime: 1074836 | Threads: 9 | Questions: 998543 | Slow queries: 0 | Opens: 190269 | Flush tables: 1 | Open tables: 10 | Queries per second avg: 0.929 |Extensions Discovered :: wrote:Components :: Site ::
Core ::
3rd Party::
Components :: Admin ::
Core :: com_actionlogs (3.9.0) 1 | com_admin (4.0.0) 1 | com_ajax (4.0.0) 1 | com_associations (4.0.0) 1 | com_banners (4.0.0) 1 | com_cache (4.0.0) 1 | com_categories (4.0.0) 1 | com_checkin (4.0.0) 1 | com_config (4.0.0) 1 | com_content (4.0.0) 1 | com_contenthistory (4.0.0) 1 | com_cpanel (4.0.0) 1 | com_fields (4.0.0) 1 | com_finder (4.0.0) 1 | com_installer (4.0.0) 1 | com_joomlaupdate (4.0.3) 1 | com_languages (4.0.0) 1 | com_login (4.0.0) 1 | com_mails (4.0.0) 1 | com_media (3.0.0) 1 | com_menus (4.0.0) 1 | com_messages (4.0.0) 1 | com_modules (4.0.0) 1 | com_newsfeeds (4.0.0) 1 | com_plugins (4.0.0) 1 | com_postinstall (4.0.0) 1 | com_privacy (3.9.0) 1 | com_redirect (4.0.0) 1 | com_scheduler (4.1.0) 1 | com_tags (4.0.0) 1 | com_templates (4.0.0) 1 | com_users (4.0.0) 1 | com_workflow (4.0.0) 1 | com_wrapper (4.0.0) 1 | com_weblinks (4.0.1) 1 | com_search (3.0.0) 1 |
3rd Party:: com_akeebabackup (9.2.7) 1 | Akeeba (8.1.9) 1 |
Modules :: Site ::
Core :: mod_articles_archive (3.0.0) 1 | mod_articles_categories (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_finder (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_login (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_syndicate (3.0.0) 1 | mod_tags_popular (3.1.0) 1 | mod_tags_similar (3.1.0) 1 | mod_users_latest (3.0.0) 1 | mod_whosonline (3.0.0) 1 | mod_wrapper (3.0.0) 1 | mod_weblinks (4.0.1) 1 | mod_search (3.0.0) 1 |
3rd Party:: sigplus (1.5.0.293) 1 | KickstartCassiopeia module (1.5) 1 |
Modules :: Admin ::
Core :: mod_custom (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_frontend (4.0.0) 1 | mod_latest (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_logged (3.0.0) 1 | mod_login (3.0.0) 1 | mod_loginsupport (4.0.0) 1 | mod_menu (3.0.0) 1 | mod_messages (4.0.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_popular (3.0.0) 1 | mod_post_installation_messages (4.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_privacy_status (4.0.0) 1 | mod_quickicon (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_stats_admin (3.0.0) 1 | mod_submenu (3.0.0) 1 | mod_title (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_user (4.0.0) 1 | mod_version (3.0.0) 1 |
3rd Party::
Libraries ::
Core ::
3rd Party:: file_fof30 (3.6.2) ? | file_fof40 (4.1.0) ? |
Plugins ::
Core :: plg_actionlog_joomla (3.9.0) 1 | plg_api-authentication_basic (4.0.0) 0 | plg_api-authentication_token (4.0.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_behaviour_taggable (4.0.0) 1 | plg_behaviour_versionable (4.0.0) 1 | plg_captcha_recaptcha (3.4.0) 1 | plg_captcha_recaptcha_invisible (3. 0 | plg_content_confirmconsent (3.9.0) 0 | plg_content_emailcloak (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_finder (3.0.0) 0 | plg_content_joomla (3.0.0) 1 | plg_content_loadmodule (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_pagenavigation (3.0.0) 1 | plg_content_vote (3.0.0) 0 | plg_editors-xtd_article (3.0.0) 1 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_editors-xtd_menu (3.7.0) 1 | plg_editors-xtd_module (3.5.0) 1 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_editors-xtd_weblink (4.0.1) 1 | plg_extension_finder (4.0.0) 1 | plg_extension_joomla (3.0.0) 1 | plg_extension_namespacemap (4.0.0) 1 | plg_fields_calendar (3.7.0) 1 | plg_fields_checkboxes (3.7.0) 1 | plg_fields_color (3.7.0) 1 | plg_fields_editor (3.7.0) 1 | plg_fields_imagelist (3.7.0) 1 | plg_fields_integer (3.7.0) 1 | plg_fields_list (3.7.0) 1 | plg_fields_media (3.7.0) 1 | plg_fields_radio (3.7.0) 1 | plg_fields_sql (3.7.0) 1 | plg_fields_subform (4.0.0) 1 | plg_fields_text (3.7.0) 1 | plg_fields_textarea (3.7.0) 1 | plg_fields_url (3.7.0) 1 | plg_fields_user (3.7.0) 1 | plg_fields_usergrouplist (3.7.0) 1 | plg_filesystem_local (4.0.0) 1 | plg_finder_categories (3.0.0) 1 | plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | plg_finder_weblinks (4.0.1) 0 | plg_installer_folderinstaller (3.6.0) 1 | plg_installer_override (4.0.0) 1 | plg_installer_packageinstaller (3.6.0) 1 | plg_installer_urlinstaller (3.6.0) 1 | plg_installer_webinstaller (4.0.0) 1 | plg_media-action_crop (4.0.0) 1 | plg_media-action_resize (4.0.0) 1 | plg_media-action_rotate (4.0.0) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_quickicon_downloadkey (4.0.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_quickicon_overridecheck (4.0.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 1 | plg_quickicon_privacycheck (3.9.0) 1 | plg_sampledata_multilang (4.0.0) 1 | plg_system_accessibility (4.0.0) 0 | plg_system_actionlogs (3.9.0) 0 | plg_system_cache (3.0.0) 0 | plg_system_debug (3.0.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_highlight (3.0.0) 1 | plg_system_httpheaders (4.0.0) 0 | plg_system_jooa11y (4.2.0) 1 | plg_system_languagecode (3.0.0) 0 | plg_system_languagefilter (3.0.0) 0 | plg_system_log (3.0.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | plg_system_privacyconsent (3.9.0) 0 | plg_system_redirect (3.0.0) 0 | plg_system_remember (3.0.0) 1 | plg_system_schedulerunner (4.1) 1 | plg_system_sef (3.0.0) 1 | plg_system_sessiongc (3.8.6) 1 | plg_system_skipto (4.0.0) 1 | plg_system_stats (3.5.0) 1 | plg_system_task_notification (4.1) 1 | plg_system_updatenotification (3.5.0) 1 | plg_system_webauthn (4.0.0) 1 | plg_system_weblinks (4.0.1) 0 | plg_task_check_files (4.1) 1 | plg_task_demo_tasks (4.1) 1 | plg_task_requests (4.1) 1 | plg_task_site_status (4.1) 1 | plg_twofactorauth_totp (3.2.0) 0 | plg_twofactorauth_yubikey (3.2.0) 0 | plg_user_contactcreator (3.0.0) 0 | plg_user_joomla (3.0.0) 1 | plg_user_profile (3.0.0) 1 | plg_user_terms (3.9.0) 0 | plg_user_token (3.9.0) 1 | plg_webservices_banners (4.0.0) 1 | plg_webservices_config (4.0.0) 1 | plg_webservices_content (4.0.0) 1 | plg_webservices_installer (4.0.0) 1 | plg_webservices_languages (4.0.0) 1 | plg_webservices_media (4.1.0) 1 | plg_webservices_menus (4.0.0) 1 | plg_webservices_messages (4.0.0) 1 | plg_webservices_modules (4.0.0) 1 | plg_webservices_newsfeeds (4.0.0) 1 | plg_webservices_plugins (4.0.0) 1 | plg_webservices_privacy (4.0.0) 1 | plg_webservices_redirect (4.0.0) 1 | plg_webservices_tags (4.0.0) 1 | plg_webservices_templates (4.0.0) 1 | plg_webservices_users (4.0.0) 1 | plg_workflow_featuring (4.0.0) 1 | plg_workflow_notification (4.0.0) 1 | plg_workflow_publishing (4.0.0) 1 | plg_search_weblinks (4.0.1) 0 | plg_search_tags (3.0.0) 1 | plg_search_newsfeeds (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_categories (3.0.0) 1 |
3rd Party:: PLG_ACTIONLOG_AKEEBABACKUP (8.1.9) 0 | plg_content_sigplus (1.5.0.293) 1 | plg_editors-xtd_sigplus (1.5.0.293) 0 | plg_editors_codemirror (5.65.2) 1 | plg_editors_tinymce (5.10.3) 1 | PLG_QUICKICON_AKEEBABACKUP (9.2.7) 1 | PLG_SYSTEM_BACKUPONUPDATE (8.1.9) 1 | PLG_SYSTEM_DARKMAGIC (2.0.3) 1 | plg_search_sigplus (1.5.0.293) 0 |Templates Discovered :: wrote:Templates :: Site :: cassiopeia (1.0) 1 |
Templates :: Admin :: atum (1.0) 1 |
- Webdongle
- Joomla! Master
- Posts: 43980
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Core Permissions using Virtual Host / Synology
configuration.php should be 444
folders should be 755
(is the server setting the bits incorrectly?)
Upload Size: 32M | Max. POST Size: 32M ... both should be at least 128M
folders should be 755
(is the server setting the bits incorrectly?)
Upload Size: 32M | Max. POST Size: 32M ... both should be at least 128M
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
- Per Yngve Berg
- Joomla! Master
- Posts: 30771
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: Core Permissions using Virtual Host / Synology
Your file permissions are wrong. It shall be 755 for Folders and 644 for files. In addition, the Ownership must be the Linux User that the FPM-CGI prosess running as. You can change the Ownership by using the "chown" command.
To create a new site on the server:
1) Create a new Linux User
2) Create a new VHost in Apache
3) Create a new FPM prosess on a new port with the user created in step 1
4) Login with the user created in step 1 and upload the Joomla files.
Place the site web root at the user's home folder where the user automatically have permissions i.e. /home/<username>/public_html
https://www.php.net/manual/en/install.fpm.php
This will isolate each site from each other and prevent cross contamination in case on site get hakkede.
To create a new site on the server:
1) Create a new Linux User
2) Create a new VHost in Apache
3) Create a new FPM prosess on a new port with the user created in step 1
4) Login with the user created in step 1 and upload the Joomla files.
Place the site web root at the user's home folder where the user automatically have permissions i.e. /home/<username>/public_html
https://www.php.net/manual/en/install.fpm.php
This will isolate each site from each other and prevent cross contamination in case on site get hakkede.
-
- Joomla! Apprentice
- Posts: 47
- Joined: Wed Feb 02, 2022 7:34 am
Re: Core Permissions using Virtual Host / Synology
On the remote Hosting server all permissions can be set correctly. On a Virtual Host on a Synology NAS it seems to be impossible... I think it is safe to conclude that the security problem is not on Joomla but during the creation of the Virtual Host in Synology...