ProcessWire - Sicherheit: Unterschied zwischen den Versionen
Aus Wikizone
(Die Seite wurde neu angelegt: „== ProcessWire absichern == Ausführliche Erläuterung gibt's auf https://processwire.com/docs/security/ '''Kurzform''' '''Potential permissions for writab…“) |
|||
| (2 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 2: | Zeile 2: | ||
Ausführliche Erläuterung gibt's auf | Ausführliche Erläuterung gibt's auf | ||
https://processwire.com/docs/security/ | https://processwire.com/docs/security/ | ||
| + | |||
| + | == Installer Vorschläge == | ||
| + | * Note that future '''runtime errors''' are logged to /site/assets/logs/errors.txt (not web accessible). | ||
| + | * For more '''configuration options''' see /wire/config.php and place any edits in /site/config.php. | ||
| + | * Consider making your '''/site/config.php''' file non-writable, and readable only to you and Apache. | ||
| + | * View and edit your '''.htaccess''' file to force HTTPS, setup redirects, and more. | ||
| + | |||
| + | == Quickstart Security == | ||
'''Kurzform''' | '''Kurzform''' | ||
| Zeile 30: | Zeile 38: | ||
'''Assets''' | '''Assets''' | ||
755 site/assets (rekursiv) | 755 site/assets (rekursiv) | ||
| + | '' Further Considerations '' | ||
| − | Determining what user apache runs as | + | Determining what user apache runs as (<?php echo exec('whoami');) |
| − | Should /site/modules/ be writable? | + | Should /site/modules/ be writable? |
Aktuelle Version vom 28. Februar 2020, 11:53 Uhr
ProcessWire absichern[Bearbeiten]
Ausführliche Erläuterung gibt's auf
https://processwire.com/docs/security/
Installer Vorschläge[Bearbeiten]
- Note that future runtime errors are logged to /site/assets/logs/errors.txt (not web accessible).
- For more configuration options see /wire/config.php and place any edits in /site/config.php.
- Consider making your /site/config.php file non-writable, and readable only to you and Apache.
- View and edit your .htaccess file to force HTTPS, setup redirects, and more.
Quickstart Security[Bearbeiten]
Kurzform
Potential permissions for writable directories and files
Permission 755 for directories and 644 for files Worst case: 777 for directories and 666 for files
Potential permissions for /site/config.php
Recommend settings if you don't need write access: 400 [r--------] readable by owner (most secure, if it works) 440 [r--r-----] readable by owner and group (if 400 doesn't work) Recommended settings if you need write access: 600 [rw-------] readable and writable by owner (most secure, if it works) 640 [rw-r-----] readable and writable by owner, readable to group 660 [rw-rw----] readable and writable by owner and group Not recommended unless nothing else will work:* 444 [r--r--r--] readable by all 644 [rw-r--r--] readable by all, writable to owner 664 [rw-rw-r--] readable by all, writable to owner and group
Assets
755 site/assets (rekursiv)
Further Considerations
Determining what user apache runs as (<?php echo exec('whoami');)
Should /site/modules/ be writable?
