Security
beat
17 years 9 months ago #16616
by beat
Beat - Community Builder Team Member
Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
Replied by beat on topic Re:Security
stb74 wrote:
- You just need that directory with write access from web-server process. Not all directories.
- no help around this until joomla 1.5 is here. And even then, i'm not sure if storing the ftp username and password in a configuration file tp avoid 777 on folders makes it really safer....
- In all cases, you need to keep your web software and extensions up-to-date. Remember: SQL database has write-access from web-server...
Hi
I have just installed CB and to get the user images working I had the change the folder permisions to 777.
I recently had an issue with hackers because of folder/file permissions.
IS this method not insecure, is there any other way I can allow users to upload images without having the folders 777.
Thanks
Post edited by: stb74, at: 2006/07/07 00:19
- You just need that directory with write access from web-server process. Not all directories.
- no help around this until joomla 1.5 is here. And even then, i'm not sure if storing the ftp username and password in a configuration file tp avoid 777 on folders makes it really safer....
- In all cases, you need to keep your web software and extensions up-to-date. Remember: SQL database has write-access from web-server...
Beat - Community Builder Team Member
Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
Please Log in to join the conversation.
Moderators: beat, nant, krileon
Time to create page: 0.206 seconds
