Hi
I've received the following from my site host and I'm not sure how to implement the changes, could someone please advise me how to do this please?
"As part of your service, Easyspace regularly scans our webservers for potential threats and security concerns. Unfortunately in our most recent scan, we have identified some files and folders which have permissions set which could pose a security risk to your website, including but not limited to site defacement.
It could be that things have been set this way on purpose, quite often software vendors require that 777 or 775 permissions are setup on particular folders in order for the software install to function correctly. Examples of software which require this are; Actinic shops; CMS like Xoops, Mambo / Joomla and Wordpress; f! ile upload scripts' message boards like phpBB and guest books.
We have recently implemented security changes which now mean that all scripts, CGI, PHP etc. hosted on these systems no longer need these additional permissions. All of your scripts should run just fine with the default permissions when you upload them.
When files are uploaded to the webspace via an ftp client, the permissions will no longer need to be changed from the default 644 for your applications to work. Further to this however, sometimes the application may create a session cookie with 777 or 775 permissions, we would ask that you either alter the application code to prevent the files being created with these permissions or move the content out of the web accessible space. You may wish to contact your web developer or application provider for help with this.
We have identified the following files / folders within your webspace which are set to World and Group-Writeable and wou! ld ask that you update the permissions on these files appropriately:
/www/acatalog/error.err
Usually you can recursively change the permissions on a folder via your ftp client, this will allow the files within the folder to inherit the folder permissions preventing you from having to manually alter the permissions for every individual file.
Any advice would be greatly appreciated.
Julie
www.toys-to-you.co.uk
I've received the following from my site host and I'm not sure how to implement the changes, could someone please advise me how to do this please?
"As part of your service, Easyspace regularly scans our webservers for potential threats and security concerns. Unfortunately in our most recent scan, we have identified some files and folders which have permissions set which could pose a security risk to your website, including but not limited to site defacement.
It could be that things have been set this way on purpose, quite often software vendors require that 777 or 775 permissions are setup on particular folders in order for the software install to function correctly. Examples of software which require this are; Actinic shops; CMS like Xoops, Mambo / Joomla and Wordpress; f! ile upload scripts' message boards like phpBB and guest books.
We have recently implemented security changes which now mean that all scripts, CGI, PHP etc. hosted on these systems no longer need these additional permissions. All of your scripts should run just fine with the default permissions when you upload them.
When files are uploaded to the webspace via an ftp client, the permissions will no longer need to be changed from the default 644 for your applications to work. Further to this however, sometimes the application may create a session cookie with 777 or 775 permissions, we would ask that you either alter the application code to prevent the files being created with these permissions or move the content out of the web accessible space. You may wish to contact your web developer or application provider for help with this.
We have identified the following files / folders within your webspace which are set to World and Group-Writeable and wou! ld ask that you update the permissions on these files appropriately:
/www/acatalog/error.err
Usually you can recursively change the permissions on a folder via your ftp client, this will allow the files within the folder to inherit the folder permissions preventing you from having to manually alter the permissions for every individual file.
Any advice would be greatly appreciated.
Julie
www.toys-to-you.co.uk
Comment