Post by jorgeamaya » Fri May 28, pm worked perfectly after I changed folder permissions to Post by Zaphkiel » Sun Jan 23, am I know this is an old topic but got a permission problem too. I'm new to joomla cuz I thought it would be fun to play around with. I was able to install Joomla 1. Can't seem to figure out the problem. I'm running it on a local Linux installation. Version: Joomla!
Post by dpacadmin » Sun Jan 23, pm Have you checked the ownership of the files and folders? Post by Zaphkiel » Mon Jan 24, am dpacadmin wrote: Have you checked the ownership of the files and folders? Post by burhan49 » Tue Jan 25, pm thanks.
Post by geofftahoe » Wed Jan 26, am I am a total newbie looking to explore Joomla. I have just installed version 1. I am trying to follow what is being referred to in this thread, but I have no idea how to set permissions to or what that even means. I am on a MacPro, and I had to reset folder permissions in order to be able to install Joomla, but that clearly isn't what you are referring to.
I have a web host Forgive a newb I am reading everything I can get my hands on including the ownership link above, and am more than happy to be responsible for my learning curve, but there is some basic info I can't seem to find or figure out. Update: I have gone into the Joomla Folder and changed many permissions and I got all but one to writeable.
The newbie is learning. Post by Zaphkiel » Wed Jan 26, am geofftahoe wrote: I am a total newbie looking to explore Joomla. Post by geofftahoe » Wed Jan 26, pm Zaphkiel wrote: you can change the permissions through the command line using ssh or by connecting through ftp. Some webhost providers don't give access to command line and then you can change the permissions through connection by ftp. I think it depends on where you rent it. Post by Zaphkiel » Wed Jan 26, pm geofftahoe wrote: Zaphkiel wrote: you can change the permissions through the command line using ssh or by connecting through ftp.
Everything works fine except permissions on 2 folders. Security Checklist. Categories : Article split requests Security Checklist. It has been suggested that this article or section be split into multiple pages. Reason: Informations for EOL versions will be moved to a separate page.
If split is not obvious, please allow split request to remain for 1 week pending discussions. Root is exclusive control of the entire computer system, not just the web server. Using it routinely to log in and do operations is not recommended. Here is your dilema, only root can change ownership once it owns a file. That is why people have to call their tech support to make teh changes when needed, especially when Joomla has components set up and owned by root.
So, we're back to the original discussion of this thread. I have had dozens of websites and have used many hosting services. So, when looking for a Joomla host, ask if they implement phpsuexec and php-cgi. Using phpsuexec and php-cgi resolves some of these issues. My user account has the default level when you create the account and I made it a member of the same group as the website www. I am hosting from my own apache server by the way. I'm not using a hosting service.
Re: Directory permissions unwriteable Post by vjtemplates » Mon Feb 02, pm for directories and for files. Default from Joomla. Re: Directory permissions unwriteable Post by robwm » Mon Feb 02, pm I am talking about user account permissions, not files and folders. I need a user other than root with adequate permissions so I perform typical duties remotely via SSH.
Look at my last post and it should give you a pretty good idea what I am talking about. Re: Directory permissions unwriteable Post by muddauber » Mon Feb 02, pm If I understand you right, you are looking to create a user on your server, not a Joomla user, correct? If so, that user can be in a group or just a regular user with their space of varying controls on the server.
If you do what you first suggested and have the root have all ownership and permssions than it will own the files. The conventional way of doing this is create user on your server which has control of their stuff on the server. Your initial approach seemed a little odd to me, but seeing you are doing it locally may make some sense, but I wouldn't do it that way. What OS and server are you using? Are you running FTP and Telnet already?
Re: Directory permissions unwriteable Post by needhelpeeps » Mon Feb 02, pm I don't think you ever need to login as root, you can just use su if you ever need to do something as root. For example I ssh in as myself but that doesnt mean I cannot perform any function I need.
I dont type the root password in util I am already on the system and the connection is encrypted with a bit key, in fact I couldnt eve log in as root or any other user on the system if I wanted to.
Actually wouldn't having the files owned by a regular user with a strong password be better than having them owned by root be better anyway so as the other person said you don't even need to be root to change or move or del something?
I guess I am still mystified what the benefit of having every directory and file writable to the webserver would be and I think this is the case if the webserver user owns the files, there must be something I just don't understand here, I'm new to joomla so still soaking all this stuff in.
Isn't this terribly insecure? I understand this might be convienant but assuming one is using a dedicated machine I cannot understand how this would be more secure than having them owened by a user other than the webserver and setting the webserver to not have write access except in those directories where it is essential.
Re: Directory permissions unwriteable Post by muddauber » Tue Feb 03, am "Actually wouldn't having the files owned by a regular user with a strong password be better than having them owned by root be better anyway so as the other person said you don't even need to be root to change or move or del something?
Consider the OS and Server the crown jewels. When Linux and Unix were designed, they were designed with security as the top concern. Windows started years after having the default users as a "root" administrator. If any script was in the system while the user was online, it was and still is easy to make major changes to the system. The group is you and others that are on the same server. I had an account on a shared server and could actually go into their directories and poke around, view code, etc.
The minute I tried to open and W rite a file, I would get an error message. AND, the server log would tell the admin that I was attempting to alter a file. Putting all your files as owned by the server makes it so you have to login as root to make changes. There are many, many options, installs, etc that work with the management of Joomla that will frustrate you if you are logged in as a regular user and have to change something.
If you don't own it, you can't mess with it. Technically speaking, that pretty much resolves the issue I would think. I was talking about a server user rather than a Joomla user. I've done quite a bit by trial and error make minimal change, see if it works, etc , but someone must have gone through this before. I'm surprised there isn't something included with the installation process for this.
The problem I'm having is that we have the joomla user which is different than the user apache is running as, and occasionally they both need to write to the same file uploading modules, etc.
Do you have any sgid directories to enable both users to write to the same directories? There's no way just changing everything to or is sufficient for any real website, let alone one under current development. Actually, one way this would work to set everything to or is if you changed the ownership of all files to that of the web server, and also only access it for file uploads as the web server user.
That is not a secure way to do it. The files were all changed to be owned by 'joomadmin' when the installation was set up, with the 'apache' users in the same group as 'joomadmin'.
0コメント