Security Q: Permissions for proxy
Posted: Fri Apr 04, 2014 9:42 am
Hi guys,
first thing first I must thank you for the great project. Vesta has incredible boosted my sites and I hope you release soon 0.9.9-9 with FPM support.
I have only one question about security. If you enable proxy to website, you must set on every file (image, javascript, movies, ...) permissions to 775. If you don't have these permissions, error in log appear and media won't load:
Can you explain me if it's safe method or not? Because if you normally copy via SCP/SFPT files you must manually set 775 to them, because they have in default 644/600.
Thank you for explanation.
(Debian 7.4)
first thing first I must thank you for the great project. Vesta has incredible boosted my sites and I hope you release soon 0.9.9-9 with FPM support.
I have only one question about security. If you enable proxy to website, you must set on every file (image, javascript, movies, ...) permissions to 775. If you don't have these permissions, error in log appear and media won't load:
So my question is about permissions. Can I set to every file recursively chmod -R 775 /home/user/web/ ? Media are okay but php scripts and configuration php files will be in threat I think.[error] 21284#0: *7 open() "/home/xxx/web/domain.tld/public_html/images/icons/misc/star.gif" failed (13: Permission denied), client: xx.xx.xx.xx, server: domain.org, request: "GET //images/icons/misc/star.gif HTTP/1.1",
Can you explain me if it's safe method or not? Because if you normally copy via SCP/SFPT files you must manually set 775 to them, because they have in default 644/600.
Thank you for explanation.
(Debian 7.4)