Portal Home > Knowledgebase > Articles Database > CHMOD 755 or 777
CHMOD 755 or 777
| Posted by Master Merlin, 05-09-2010, 06:19 AM |
| Greetings,
After I switched my VPS provider I noticed something was wrong with chmod permissions. For example all my forums and content management systems required me to chmod the cache dirs to 777. While they were working fine on 755 with my previous vps.
Why is this happening?
How can I fix it?
|
| Posted by Georgio H, 05-09-2010, 06:27 AM |
| Hello,
I don't know, but just chmod them 777?
Regards,
|
| Posted by Matt R, 05-09-2010, 06:27 AM |
| Hello,
Your previous VPS probably came with PHP compiled in SuExec mode.
If it's a cPanel server, run /scripts/easyapache over SSH and recompile Apache with phpSuExec support. That'll fix that issue for you just fine.
Using a chmod of 777 is quite dangerous, especially if your servers security is breached.
Also, I'd suggest enabling open_basedir just to be on the safe side (That's done simply through WHM).
Thanks,
Matt
|
| Posted by HostXNow_Chris, 05-09-2010, 06:28 AM |
| The last VPS setup was probably using suPHP for the PHP 5 Handler. The new setup is most likely using CGI or DSO.
You can change it at http://yourip:2086/scripts2/phpandsuexecconf
|
| Posted by Matt R, 05-09-2010, 06:30 AM |
| Sure -- but if you follow this advice, you're leaving potential security holes in place.
Especially if someone uploads a shell script, for example.
|
| Posted by Server Management, 05-09-2010, 06:37 AM |
| CHMOD 777 file: available to owners, groups and the world at large in order to Read, Write and Execute.
CHMOD 755 file: available to owners to Read, Write and Execute; and to groups and the world at large to Read and Execute only.
CHMOD 644 file: available to owners to Read and Write; and to groups and the world at large to Read only.
CHMOD 666 file: available to owners, groups and the world at large in order to Read and Write.
U,d be crazy to use 777!
Regards
|
| Posted by Master Merlin, 05-09-2010, 07:06 AM |
| I know its dangerous to leave it 777 that's why I asked the question
Thanks a lot.
|
| Posted by Master Merlin, 05-09-2010, 07:11 AM |
| Oh but strange enough:
Default PHP Version (.php files) 5
PHP 5 Handler dso
PHP 4 Handler none
Apache suEXEC on
--------------------------------
SuExec is already active, but I can only change the PHP handler to cgi, none and dso... there is no suPHP... I guess I need to install suPHP with apache easy updater?
Last edited by Master Merlin; 05-09-2010 at 07:16 AM.
|
| Posted by HostXNow_Chris, 05-09-2010, 07:14 AM |
| Sounds like you need to change the PHP 5 Handler from DSO to suPHP. Confirm this with your web hosting provider.
|
| Posted by Server Management, 05-09-2010, 07:16 AM |
| Care to share which vps provider you have changed too ?
|
| Posted by Master Merlin, 05-09-2010, 07:23 AM |
| Of course. intovps.com
I am happy with theme however they do have some problems with yahoo blacklisting their emails and ip's. However they provide a guide how to solve it.
|
| Posted by HostXNow_Chris, 05-09-2010, 07:30 AM |
| They should be good as IntoDNS.com also use them.
|
| Posted by Master Merlin, 05-09-2010, 08:03 AM |
| Yap they are perfect.
By the way, problem fixed. Thanks.
|
| Posted by HostXNow_Chris, 05-09-2010, 09:44 AM |
| No problem.
|
| Posted by Tristan Perry, 05-09-2010, 11:30 AM |
| This is (potentially) bad for security and could crash the OP's site if SuExec was enabled..
Glad to hear you got it sorted in the end though, Master Merlin
|
| Posted by MikeDVB, 05-09-2010, 01:22 PM |
| Rebuild Apache using EasyApache in cPanel and build in support for suPHP (need to select it under Apache and PHP I believe) and then once it's done you'll be able to use suPHP allowing 755.
If you're the only one on the VPS and you're not sharing it with anybody else worst case is if one of your sites becomes compromised they will all be vulnerable but if you keep your sites up to date and secure it's not as big a risk as some would make it out to be.
Going 755 and using different cPanels (and as such different usernames) will help prevent damage from one compromised account from carrying over to another etc... php open_basedir will help with that as well.
|
| Posted by Bellthorpe, 05-14-2010, 07:29 AM |
| I was seconds away from signing with them when I read that.
Can you elaborate? I don't see such a guide on their site.
|
| Posted by PPOwens, 05-14-2010, 07:31 AM |
| Sounds like suexec to me, chmod to 755 or lower.
|
| Posted by MikeDVB, 05-14-2010, 08:03 AM |
| Exactly - just need to enable it in Apache and PHP and then set it in the php.conf (via WHM).
|
| Posted by Master Merlin, 05-14-2010, 03:49 PM |
| Gentelment, thank you. But as I stated earlier, I've already had my problem fixed.
Well they got a bunch of IP's which come from a ip zone which from many spam emails were sent so yahoo, gmail, hotmail, instead of blacklisting the malicious one, blacklisted whole blocks of ip's.
However, they provide a guide (in the FAQ section of client area) how to fix the problem.
|
| Posted by Bellthorpe, 05-14-2010, 07:57 PM |
| Thanks, I've now found that FAQ. Seems reasonable. I will be signing with IntoVPS.
|
| Posted by net, 05-14-2010, 08:01 PM |
| Moved > Hosting Security and Technology .
|
Add to Favourites 
Print this Article
Also Read
Rating Sysetm (Views: 668)
