charlie123 Posted November 6, 2012 Share Posted November 6, 2012 Hello, I don't know how is that possible, but all my files and filders/subfolders of my prestashop installation are set to 777. I tried to change it to 755 and 666, 644 but whatever I put I will see the ERROR 500 message and website won't work. With 777 is all fine, but I won't let it stay like that as website will be hacked. 777 is very dangerous setting and even PS manual advise to change permissions to 755 and 644. Why in my case I'm receiving error 500 than? I am on VPS server with Linux Centos 6. Do I need to install additional software or something? I tried to contact my VPS provider. They said: I must say far too many of your files/folders have 777 permissions. This is VERY dangerous and will mean your sites and server will be compromised. Right now all your files are writable by anyone - including all your php files ! I've asked than if he can change permissions for me but he replied: This is not possible,m doing so will break your sites. Only files/folders that apache NEEDS write access to should be 777 or owned by apache/nobody. I changed it manually anyway (all files to 644 and folders 755) but I have an Error 500 now. How I can fix it please? Link to comment Share on other sites More sharing options...
a2hosting-andy Posted November 6, 2012 Share Posted November 6, 2012 You may not have gotten all of your files/folders set properly. Doing it manually is not failsafe. Have you tried running any shell scripts to repair your permissions? Have you also checked the ownership of your files? Navigate to your web directory, then find . -type f -exec chmod 644 {} \; && find . -type d -exec chmod 755 {} \; *BE CAREFUL* only run this in the web directory where all your publicly-visible files are located. You may also need to chown your files to your correct user/group - that setting will depend on your web host, though, so I can't give you the exact command. Good luck! -Andy 2 Link to comment Share on other sites More sharing options...
charlie123 Posted November 6, 2012 Author Share Posted November 6, 2012 (edited) You may not have gotten all of your files/folders set properly. Doing it manually is not failsafe. Have you tried running any shell scripts to repair your permissions? Have you also checked the ownership of your files? Navigate to your web directory, then find . -type f -exec chmod 644 {} \; && find . -type d -exec chmod 755 {} \; *BE CAREFUL* only run this in the web directory where all your publicly-visible files are located. You may also need to chown your files to your correct user/group - that setting will depend on your web host, though, so I can't give you the exact command. Good luck! -Andy Hi, thank you for the message, I ran that command "find . -type f -exec chmod 644 {} \; && find . -type d -exec chmod 755 {} \;" and now only FRONT page can be loaded and if I click on any product or category or any link, it won't work... Error 500 Which files should I chown? My hosting supposed to be managed so I can ask them to chown but what excatly? Thank you for your help! Edit: I found something like that here: http://www.anterp.com/blog/?p=414 chown -R apache:apache /var/www/html/prestashop Should I try this command? Edited November 6, 2012 by charlie123 (see edit history) Link to comment Share on other sites More sharing options...
charlie123 Posted November 6, 2012 Author Share Posted November 6, 2012 ALl the files are now 644 and folders 755. I can also log into the admin panel, but when I click on some of the links I can see Error 500. Luckily, I can get access to configuration information. It might help: Server information Server information: Linux #6 SMP Sat Mar 3 00:42:09 GMT 2012 x86_64 Server software version: Apache/2 PHP version: 5.3.17 Memory limit: 128M Max execution time: 30 Database information MySQL version: 5.5.28 MySQL engine: InnoDB Tables prefix: ps_ Store information Prestashop version: 1.5.2.0 Shop URL: https://myurl.com/ - edited by me Current theme in use: default Mail configuration Mail method: You are using the PHP mail() function. Your information Your web browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Check your configuration Required parameters: Please fix the following error(s) Set write permissions for "config" folder Set write permissions for "cache" folder Set write permissions for "sitemap.xml" file Set write permissions for "log" folder and subfolders, recursively Set write permissions for "img" folder and subfolders, recursively Set write permissions for "mails" folder and subfolders, recursively Set write permissions for "modules" folder and subfolders, recursively Set write permissions for "translations" folder and subfolders, recursively Set write permissions for "upload" folder and subfolders, recursively Set write permissions for "download" folder and subfolders, recursively Optional parameters: OK List of changed files Changed/missing files have been detected Updated files (5) classes/Cart.php config/config.inc.php config/defines.inc.php config/xml/modules_list.xml controllers/admin/AdminCartsController.php Link to comment Share on other sites More sharing options...
charlie123 Posted November 6, 2012 Author Share Posted November 6, 2012 Aww sorry for another post under my previous ones, but I've found something like this: enter the directory where the shop resides and do the following: find . -type f -exec chmod 644 {} \; find . -type d -exec chmod 755 {} \; This will fix ownership to 644 for files and 755 for directories Then, assuming that the user apache runs is www, you can find that information from /etc/passwd, apply the following: chown www:www config chown www:www tools/smarty/compile chown www:www tools/smarty/cache chown www:www tools/smarty_v2/compile chown www:www tools/smarty_v2/cache chown www:www sitemap.xml chown www:www log chown -R www:www img chown -R www:www mails chown -R www:www modules chown -R www:www themes/prestashop/lang chown -R www:www themes/prestashop/cache chown -R www:www translations chown -R www:www upload chown -R www:www download It is important that you apply ownership to the correct user. In some Linux systems its www-data, others apache and finally www. I've checked my etc/passwd and I can see apache:x:497:501::/var/www:bin/false there. Should I run all of those chown -r commands? Thank you Link to comment Share on other sites More sharing options...
a2hosting-andy Posted November 7, 2012 Share Posted November 7, 2012 (edited) Charlie, Can you go into your web folder and run this command ls -al > prestalist.txt and post the result? (The results will be in the text file prestalist.txt) Then we can see what's really going on with your permissions/ownership and hopefully get you squared away. Thanks, Andy Edited November 7, 2012 by a2hosting-andy (see edit history) Link to comment Share on other sites More sharing options...
charlie123 Posted November 7, 2012 Author Share Posted November 7, 2012 Charlie, Can you go into your web folder and run this command ls -al > prestalist.txt and post the result? (The results will be in the text file prestalist.txt) Then we can see what's really going on with your permissions/ownership and hopefully get you squared away. Thanks, Andy Thank you for your message, The file is in attachment. Just to let you know, I did not run any of the chown commands yet. Thanks, really appreciate your help! prestalist.txt Link to comment Share on other sites More sharing options...
a2hosting-andy Posted November 7, 2012 Share Posted November 7, 2012 Yeah your file ownership is outta whack. Without knowing how your site is set up, my best guest based on what you posted is that your permissions should be set to apache:apache Try chown apache:apache * -R on your prestashop files. With your server being managed, they should at least be able to help you set the ownership of your files properly. If this doesn't work I would press them to help you get them owned by the correct user:group -Andy 2 Link to comment Share on other sites More sharing options...
charlie123 Posted November 7, 2012 Author Share Posted November 7, 2012 Wow, thanks! So far so good, looks like the website is working fine after chown apache:apache * -R Should I leave 755 and 644 as it is than? Once again many thanks for your help Andy! Link to comment Share on other sites More sharing options...
w1dg3t Posted November 7, 2012 Share Posted November 7, 2012 what id did on my windows server was going in through the virtual desktop and just aplly all permissions on teh prestashop folder, frees up everything then. Link to comment Share on other sites More sharing options...
a2hosting-andy Posted November 7, 2012 Share Posted November 7, 2012 Yep, you can leave them at 755 and 644. Now that apache owns the files, it can write where it needs to without needing 777 perms. Glad it's working! -Andy Link to comment Share on other sites More sharing options...
drujas Posted June 18, 2014 Share Posted June 18, 2014 This information is helpful, tank you. Link to comment Share on other sites More sharing options...
wippa Posted July 10, 2014 Share Posted July 10, 2014 For people who cannot use PHP exec() like functions, cron or whatever you have tried, you can check that link. http://www.prestashop.com/forums/topic/305214-release-1562-403-forbidden-install/?do=findComment&comment=1731761.It's a little explanation of a php user made function wich solves that perfectly including shared servers.Regards. Link to comment Share on other sites More sharing options...
MaXi32 Posted May 23, 2015 Share Posted May 23, 2015 Yeah your file ownership is outta whack. Without knowing how your site is set up, my best guest based on what you posted is that your permissions should be set to apache:apache Try chown apache:apache * -Ron your prestashop files. With your server being managed, they should at least be able to help you set the ownership of your files properly. If this doesn't work I would press them to help you get them owned by the correct user:group -Andy can this be done in a shared hosting? Link to comment Share on other sites More sharing options...
Recommended Posts