Joomla change files and folders chmod to 755 and 644 with ssh commands

I did that operation several times to make sure and here is what happens:

brand new installation of application joomla 1.5. all is ok

i run command through ssh (from inside public_html): chmod -R 755 *

after I do that all the files in folder /public_html/includes/js/jscalendar-1.0/ go with ownership 0000 and become unwritable/undeletable/

Read more: Joomla change files and folders chmod to 755 and 644 with ssh commands

Setting up a VPS to host Joomla 1.5 securely

Hi,

Here is what I found about server setup to run joomla, some are instructions, some are questions that I will let you dedice upon for me and action if you want:

A/

.HTACCESS:


I don't know if htat should be in the server's .htaccess or at account level but that's how it should be I guess:

This is something i can do myself for account level but you're welcome to comment on this part:

1/

#Prevent Cross Site Scripting (XSS) Attacksphp_flag allow_url_fopen off

#Prevent Code Injection Attacksphp_flag magic_quotes_gpc on#Note that although the magic_quotes_gpc directive adds a layer of security, for performance reasons it is not considered a best practice. If you have verified that your site correctly filters and validates all user data (and every production site really should), then there is no need to add this directive. If you have any doubt, add it.

2/

########## Begin - Rewrite rules to block out some common exploits## Block out any script trying to set a mosConfig value through the URLRewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]# Block out any script trying to base64_encode crap to send via URLRewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]# Block out any script that includes a tag in URLRewriteCond %{QUERY_STRING} (\|%3E) [NC,OR]# Block out any script trying to set a PHP GLOBALS variable via URLRewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]# Block out any script trying to modify a _REQUEST variable via URLRewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})# Send all blocked request to homepage with 403 Forbidden error!RewriteRule ^(.*)$ index.php [F,L]########### End - Rewrite rules to block out some common exploits


3/

###Block hot linking:RewriteEngine OnRewriteCond %{HTTP_REFERER} !^http://(.+\.)?securehotelbooking\.com/ [NC]RewriteCond %{HTTP_REFERER} !^$RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L]


4/#### APACHE: How do I block directory scans with .htaccess?

RewriteRule ^/*.*$ /index.php



B/

PHP.INI


1/

register_globals = 0

2/

disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open

3/

allow_url_fopen = 0

4/

magic_quotes_gpc = 1

5/

safe_mode = 1

6/

open_basedir = /dir/to/include/change/me



C/

MODULES:


1/

modsecurity 2.5.x ... no sure what settings


2/

use safeMode... ??? what will that bring??? if use, how can I turn it on or off?


3/

Follow the "Least Privilege" principle for running PHP using tools such as PHPsuExec, php_suexec or suPHPbut I'm nt sure about settings... how can I access settings fro that?


4/

Configure Apache mod_security and mod_rewrite filters to block PHP attacksplease tell me how to access settings for this too


5/

Be sure MySQL accounts are set with limited access. The initial install of MySQL is insecure; careful configuration is required


6/

TripWire or SAMHAIN or other



D/

QUESTIONS:


1/

Should PHP run as a CGI script or as an Apache module?There are two ways to configure Apache to use PHP:a. Configure Apache to load the PHP interpreter as an Apache module.b. Configure Apache to run the PHP interpreter as a CGI binary.What should I do? knowing that apparently I can't use .htaccess in the second case... but can replace with

php.ini settingsMy aim is maximum security...


2/

Edit the Apache user.conf file and tell apache to run under the FTP accountis that related / compatible / incompatible with suphp???


3/

find . -type f -exec chmod 644 {} \;find . -type d -exec chmod 755 {} \;would these lines work on the ssl of my vps?

4/

What is Nix shell? do I have that on my VPS?

Read more: Setting up a VPS to host Joomla 1.5 securely

Setting Up VPS for Joomla and Making Migration, Tutorial and Advises

Hi,

Now migration of all websites is made and I have several problems that I'd like to ask you advise with.

I hope somebody can bear with me for final VPS setup to have my websites work 100% as they were on shared.

1st and main problem I have is: eventhough suexec is installed

(if I understood you properly suexec allow me to work joomla with folder755 file644),

I still have many scripts that can't function properly with folder755 file644, most of them require 777 still...

I appears that this issue affects mainly galleries but other scripts as well.

Read more: Setting Up VPS for Joomla and Making Migration, Tutorial and Advises

Page 2 of 3

This website uses Cookies