#1
  1. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,664
    Rep Power
    171

    Is it ok to keep the public directory 777?


    Hi;

    I get users to upload the photos for their products to a directory like http://www.site.com/uploads

    The permissions for uploads directory is 777.

    I keep it that way so they can upload files there.

    Is it safe? Do I kneed to change it so it's secure?

    Thanks
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    777 is never secure. And I wonder why you think you need it. Only the webserver needs full access to the folder, so you set it as the owner and then set the permissions to something like 755.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2013
    Posts
    7
    Rep Power
    0
    777 sets full permissions to the folder. So setting it to 777 can lead to high security risk.

IMN logo majestic logo threadwatch logo seochat tools logo