optizyme Posted August 31, 2013 Share Posted August 31, 2013 Dear all, I re-created my website on 1.5.4.1. I was using 1.4.6.2 and i upgraded due to security issues. When i install 1.5.4.1, Presta asked me about some permissions. I changed some directories and files permissions to 777. I searched some web sites and they advice 755 for directories and 644 for files. I changed some directories to 755 and files to 644 but in back office, i got http 500 errors. I changed back to 777. Could you please help me about how i will setup the permissions? Also, will i have problems at back office? After permissions, what should i do for the strongest security position? Are there any security check module? Thanks in advance for your help. Opti Link to comment Share on other sites More sharing options...
El Patron Posted August 31, 2013 Share Posted August 31, 2013 you should contact your hosting provider, some domains do not run as 'user' so one must set the permissions to 777. And like you have found out, this is not a good way to run a domain. Link to comment Share on other sites More sharing options...
optizyme Posted September 1, 2013 Author Share Posted September 1, 2013 @el patron : Thank you for your reply. I contacted my hosting company and they said i had problems because their php safe mode was on. They set to safe mode off. Now i start to change permissions. It again complained about smarty thing. I turned off cache checked it was ok. I again turned on, it seems ok now. In Presta documents, directories shall be set to 775 and files 664. Is it safe 775/664 or should i set to 755/644? Is there any security check module compatible with 1.5.x? TIA Opti Link to comment Share on other sites More sharing options...
El Patron Posted September 1, 2013 Share Posted September 1, 2013 I use and recommend 755/644. As for security module, not sure in the back office you can set back office-->preferences-->general set "increase front office security to yes", I keeps your cookie from being upsurped. most shops that have been hacked were hacked via ftp, so hide those credentials, and change password often Link to comment Share on other sites More sharing options...
El Patron Posted March 9, 2014 Share Posted March 9, 2014 I use and recommend 755/644. As for security module, not sure in the back office you can set back office-->preferences-->general set "increase front office security to yes", I keeps your cookie from being upsurped. most shops that have been hacked were hacked via ftp, so hide those credentials, and change password often as a follow up on this, I created a module that alerts shop manager(s) when file changes including permissions have been made. You can either accept the change or restore the file from the Vault. I hope you like my work: http://www.prestashop.com/forums/topic/303132-module-prestavault-malware-trojan-virus-protection/ Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now