How should secuity be set for folders?

[anke]

The install WIKI says (below) and now we are getting a bunch of errors in the log file that the modules are writable by others??? Is this correct!!??? We changed from 755 to 777 in all modules/folders the wike says to!

http://www.prestashop.com/wiki/Installing_and_Updating_PrestaShop_software/

6.While you have your FTP connected to your Web hosting server, make sure the following PrestaShop folders have ‘write’ permissions (also known as “CHMOD 777” – explanation of file permissions here) but do not apply these permissions recursively (to their subfolders): /config, /upload, /download, /tools/smarty/compile. Then make sure the following folders have ‘write’ permissions and apply these permissions recursively (to their subfolders): /img, /mails, /modules, /themes/prestashop/lang, /translations


HELP!

[tomerg3]

Most good hosting companies have the permissions set in a way that 755 is enough, and 777 will not work and give you error 500, this is done because 777 is very unsecure.

However, some hosting companies don't have the 755 setup, so you need to follow the wiki instructions and set it to 777

[iheartwine]

does anybody know how to change all files in specified folder to 777? e.g. MODULES folder. I have problems with my provider, because 755/644 is not enough and i receive an error when i want to make a translation i back office. horiibble :/

777 is unsafe :/ but my provider told me, it should do.

[tomerg3]

What's better, finding out your site got hacked, or moving to a proper host that can handle secure file permissions for a website?

[iheartwine]

it's actually not my provider, but my customer's. i'm forcing them to change the server but they are stubborn :/ damn. 5 telephones to customer services department with explanation that 777 is not safe - no use :/ They told me not to worry about, because there is some mod_apparmor function - never heard of. ?

[tomerg3]

Nothing you can do about that, other than say I told you so later.

From an FTP program (I use filezilla) you should be able to select the folder, right click and change the permissions, there will be an option to include all subfolders and files.

[iheartwine]

i use total commander, no option to select subfolders :/

anyway, tommorow i'll try once more to force my client to change provider

tnx

[ukmacnut]

I do think the install wiki should be changed to warn users about '777'
After installation, and adding some products, I was able to change everything back to pre-installation permissions.
There was an error, so I had to apply '777' to one folder which was smarty/compile.