After installation, do you leave all the write permissions on 777 or change them to something else?

[nate22]

During installation, there's a whole bunch of directories and files that need to have write permissions. I changed the directories and instructed and installed Prestashop successfully-- I can't believe how easy it was!

Now that I've successfully installed everything, don't I need to change the all those write permissions off for security purposes? I can't just leave them on 777, right? If so, what do I change them to?

I can't seem to find this info on the installation instructions.

Thanks!

[TropischBruin]

Did you have a look arround these forums as there are more then enough topics about right etc.

Just 2 topic below this one: 2 installation issues regarding permissions.

[nate22]

Yes, I read that particular post first and then searched for other threads. I did not find anyone asking the question I have asked: After installation, what do you change them to? You don't leave them on 777, right?


I have already successfully installed Prestashop, so that is not a problem.

UPDATE: I reworded my search and finally found one person asking the same question. The response was from Peter Wilson and he said, "no please leave them at 777" and what looked like a smiley face rolling his eyes. I'm not sure if this was sarcasm or serious because the smileyface looks like it's rolling his eyes.

[TropischBruin]

Yes, I read that particular post first and then searched for other threads. I did not find anyone asking the question I have asked: After installation, what do you change them to? You don't leave them on 777, right?


I have already successfully installed Prestashop, so that is not a problem.

UPDATE: I reworded my search and finally found one person asking the same question. The response was from Peter Wilson and he said, "no please leave them at 777" and what looked like a smiley face rolling his eyes. I'm not sure if this was sarcasm or serious because the smileyface looks like it's rolling his eyes.

You did not read what was discussed in that topic:

Whatever your host is saying, it is still a rights issue.

I have an host who has 755 on dirs and 644 on files and no problems with the install-script.
It could be that the user you check the rights on is NOT the same user that installs PS.
Sometimes this problem happens and is known as php-safe-mode, talk to your hoster.

[nate22]

You did not read what was discussed in that topic:

Whatever your host is saying, it is still a rights issue.

I have an host who has 755 on dirs and 644 on files and no problems with the install-script.
It could be that the user you check the rights on is NOT the same user that installs PS.
Sometimes this problem happens and is known as php-safe-mode, talk to your hoster.

I really don't understand at all what that has to do with my question. As I said, my installation was a success. There is no rights issue causing me any kind of problem whatsoever. All I am asking if it is safe to leave everything on 777 or if I should change those files to something else.

[nate22]

Still wondering... You made the effort to reply twice and even copy and paste from another thread, but you never answered my question... wouldn't it have been easier just to answer my question directly if you wanted to help me? Seems like a wasted effort.

The question is: AFTER installation, do I STILL leave the directories at 777?

[radders]

Perhaps the reason is that some things depend on how your hosting service has set things up. Yes 755 and 644 usually works for a live shop. You shouldn't really have any directory (or file) 777. In addition you don't want everyone having read access to any file that contains your database passwords.

[nate22]

Perhaps the reason is that some things depend on how your hosting service has set things up. Yes 755 and 644 usually works for a live shop. You shouldn't really have any directory (or file) 777. In addition you don't want everyone having read access to any file that contains your database passwords.

Thank you! I know just enough to be dangerous. I knew 777 wasn't safe, but I didn't know what was the appropriate # to secure it. Or, I thought possibly that the way Prestashop had separated the smarty templates from the php files made it a non-issue. Now, I can just change them and rest easy. Much appreciated again, Radders! You've been very helpful to me this week.