Announcement

Collapse
No announcement yet.

*.php pages in acatalog - host doesn't allow if chmod 777

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    *.php pages in acatalog - host doesn't allow if chmod 777

    Regarding David Finlayson thread on
    http://community.actinic.com/showthread.php?t=46635
    and mine on
    http://community.actinic.com/showthread.php?t=50720
    How can I get pages ending in *.php to run on my hosting account (Heart) that does not allow php files to execute if chmodded above 644 or in folders above 644, the acatalog folder being 777?
    I want to be able to use David Finlayson's blog integration as well as run php mail forms.
    Others run php scripts within Actinic pages - is there a fix?
    Thank you
    Jonathan Chappell
    Website Designer
    SellerDeck Website Designer
    Actinic to SellerDeck upgrades
    Graphicz Limited - www.graphicz.co.uk

    #2
    I suspect you'll either need to get heart to change their policy or move hosts.

    4. Permissions required for web server
    Web server assigns the rights of the web-server-specific user, typically user "nobody", to the connected web client, as if "nobody" is connected to the web server. "Nobody" doesn't belong to your group and thus it inherits permissions that "others" have to your files.

    For generic files such as html or images, etc you usually need to set 644 permissions. It is because "nobody" needs to read the file, and thus the file should be readable by others, hence 4 (read only) permissions for both group and others. For yourself you need a right to read and write (hence 6) to the file.

    For scripts you need 755 rights. The script should be executable by "nobody". The script file should also be readable by "nobody", as the file is interpreted by an interpreter such as Perl and therefore must be readable. Thus it must combine read and execute permissions for "others", as "nobody" belongs to "others" group. For yourself you need to have also write access, getting 755 as a result.
    i.e. 644 doesn't give anyone permission to execute/run scripts. Not you the owner, the group, or anyone else.

    Mike
    -----------------------------------------

    First Tackle - Fly Fishing and Game Angling

    -----------------------------------------

    Comment


      #3
      sounds like they don't understand hosting and even if you do get them to relax the rights, then you will run into other big issues later
      time to move!

      Comment


        #4
        It is 777 they don't allow. They reset acatalog to 755 and the php worked fine. Also the Actinic site seems to work ok as well.
        http://www.graphicz.eu.com/site1/acatalog/formb.php
        Any comments about running Actinic on 755?
        Jonathan Chappell
        Website Designer
        SellerDeck Website Designer
        Actinic to SellerDeck upgrades
        Graphicz Limited - www.graphicz.co.uk

        Comment


          #5
          It is 777 they don't allow.
          Good. Though not what you said at the start.

          How can I get pages ending in *.php to run on my hosting account (Heart) that does not allow php files to execute if chmodded above 644 or in folders above 644,
          755 is fine with Actinic. Some hosts had problems with 755 in the past which is why you'll often see 777 suggested.

          Mike
          -----------------------------------------

          First Tackle - Fly Fishing and Game Angling

          -----------------------------------------

          Comment


            #6
            Originally posted by graphicz View Post
            It is 777 they don't allow. They reset acatalog to 755 and the php worked fine. Also the Actinic site seems to work ok as well.
            http://www.graphicz.eu.com/site1/acatalog/formb.php
            Any comments about running Actinic on 755?
            777 means that anybody can write files to the server hence the very good reason why they do not allow it.
            There are three permissions in each of the three numbers, one to allow execution of files (value is 1) , one to allow reading of files (value is 4) and one to allow writing of files (value is 2). So execute and read are 4+1 = 5, read = 4, read and write 4+2=6. The three digits of the number 755 represent owner, group and public, and for a general folder that does not contain executable files the normal value will be 644, only the owner needs write permissions.

            I have several site running Actinic and they all use 755 for actalog folder and for cgi-bin, you would only get problems if the Actinic scripts which need to write to the acatalog folder where not running with owners rights. You might then need to use 775 or get the host to sort out the credentials for perl to make sure it is running as owner.

            PHP scripts will execute fine under 755 as long as PHP is run with owner credentials.

            Malcolm

            SellerDeck Accredited Partner,
            SellerDeck 2016 Extensions, and
            Custom Packages

            Comment


              #7
              Thanks Malcolm and Mike. Sorry if I was misleading, the original reply from Heart suggested 644 for php, I may have misread.
              Thank you both for your help, much appreciated.
              Jonathan Chappell
              Website Designer
              SellerDeck Website Designer
              Actinic to SellerDeck upgrades
              Graphicz Limited - www.graphicz.co.uk

              Comment


                #8
                For completeness and fairness, this is Heart Internet's response:
                777 permissions are disallowed on our servers and scripting will not execute - this is for good reason because using 777 is very insecure and no modern software package should ever need to use this any more (if they state you have to set 777 to install or run the software, then try 755 and 99% of the time this is fine).

                You should only set and use the following permissions ->

                Directories : 711 or 755
                HTML/PHP/ASP files : 644
                CGI/Perl files : 755
                Any other file type (images, audio/video, text files, pdfs, etc) : 644

                Actinic is excellent software but they should in my honest opinion change from what many would consider to be 'insecure' and unnecessary permissions such as 777 because many shared hosting companies have similar restrictions on their servers in place.
                Jonathan Chappell
                Website Designer
                SellerDeck Website Designer
                Actinic to SellerDeck upgrades
                Graphicz Limited - www.graphicz.co.uk

                Comment


                  #9
                  Hi Jonathan, I would say that Heart misled you with that reply. I suspect if you look you'll see that the php files in your directory are set to 755. Unless you deliberately change them, the permissions on a file will inherit those of the directory they're in. In this case 755.

                  You could always try setting them to 644 but I doubt if they'll work.

                  Mike
                  -----------------------------------------

                  First Tackle - Fly Fishing and Game Angling

                  -----------------------------------------

                  Comment

                  Working...
                  X