|
This page explains how to set file permissions for the three most
common type of web files: pages, scripts and data/config files. If
you're new to scripting, or getting the dreaded "Internal Server
Error" when you try to run a sample script you've downloaded, start
here. The UNIX security model allows
you to set different levels of access to a file for different groups
of people. This allows you to let the web server modify a file via a
CGI script, for instance, while preventing other users from having
normal access to the file. There are three groups in terms of file
access, and three different permission types they can receive.
The groups are:
- User/Owner - the "user" group consists only of the owner
of the file (your account, in most cases)
Group - the "group" group consists of the other users on
the server -- you can usually remove their permissions entirely if
you think it necessary
Other/World - the "other" group
consists of everyone else -- most importantly, the web server falls
into the "other" category
The potential permissions are:
- Read - the read permission allows a user or program the
ability to read the data in a file
Write - the write permission allows a user or program the
ability to write new data into a file, and to remove data from it
Execute - the execute permission
allows a user or program the ability to execute a file, if it is a
program or script.
To keep things simple, let's make the
following assumptions:
- pages should be readable/writable by the
owner and readable by the web visitor.
- scripts should be
readable/writable/executable by the owner and readable/executable by
the web visitor.
- data-config files should be
readable/writable by the owner and readable/writable by the web
visitor.
And also, lets use the following
abbreviations:
- --- (or 0) = no permission
- r-- (or 4) = read-only permission
- rw- (or 6) = read/write permission
- r-x (or 5) = read/execute permission
- rwx (or 7) = read/write/execute permission
Sometimes you'll see these numbers referenced
for a script. For instance, "chmod your script to "755" or "777". That
means "set file permissions to
"Read-Write-Execute/Read-Execute/Read-Execute". "755" is in fact the
most common setting for CGI/Perl scripts - if your script does not
work or you get an "Internal Server Error" when you run it try this
first.
To change file permissions using your FTP software:
1. Download an FTP software like
CuteFTP or
WS_FTP.
2. Log into your account and go to the
directory where the files are located.
3. Highlight the file or directory that you
want to change permission.
4. Locate the "file permission" or "chmod"
command on your FTP software software (you may need to refer to the
manual or help file)
There should be three groups. Each group
should have either checkboxes or a selection for the permission type.
1. set pages to rw- for the owner, no
permission for the group, and r--for other
2. set scripts to rwx for the owner, no
permission for the group, and r-x for other
3. set data/config files to rw- for the
owner, no permission for the group, and rw- for other
To change file permissions using your Control Panel - File
Manager:
1. Log into your account Control Panel (mydomain.com/cpanel)
and go to the File Manager, and then the "WWW" or "public_html"
folder.
2. Identify the file that you want to change permission by
clicking on the file/directory link.
After selecting the link the right menu will update itself and show you
a list of things you can do to the file/directory. At this point
select "Change Permissions. A box like below will load:
There should be three groups. Each group should have checkboxes for
the permission types.
Definitions: (User=Owner, Group=Group, World=Other/Public)
1. set plain html pages to rw- for the user, no permission for the
group, and r--for world (default)
2. set scripts to rwx for the user, r-x for the group, and r-x for
world
3. set data/config files to rw- for the user, no permission for the
group, and rw- for world
Select "Change" to finish.
To change file permissions through Telnet/SSH Access click
here.
|
|