Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

File / Folder Permissions: Best Practice / Correct Usage


Reply


847 Views

Avatar
CHD

Community Member, 218 Posts

2 September 2011 at 11:03pm

Morning all,

I've always just left my SilverStripe installations with the default file/folder permissions on my server, but lately I've been setting up individual sys_users / ftp_users for each domain, whilst updating the owners in Linux it seems to reset all the file permissions and the site throws up a server error. Easily fixed by updating all of the folder / File permissions.

however, it has raised the question for me again, what really is the most secure setup for after installation?
I always thought the assets folder had to be writeable by all, but i've just tried with public permissions set to 0 and the CMS can still edit all files in the assets folder fine.

I've looked around here and Google and not found any good answers in regards to this, so can anybody shed any light on it now?

I'm looking for the most secure setup, for all files and folders so that the site will run smoothly, CMS can update assets but I can be 100% confident that the site is secure, and nobody can access the _config.php file for example

thanks in advance for any help.