ProcessWire - Security

From Wikizone
Revision as of 28 February 2020, 11:53 by 37.49.72.8 (→ Installer suggestions)

Securing ProcessWire

A detailed explanation is available at

https://processwire.com/docs/security/

Installer suggestions

  • Note that future runtime errors are logged to /site/assets/logs/errors.txt (not web accessible).
  • For more configuration options see /wire/config.php and place any edits in /site/config.php.
  • Consider making your /site/config.php file non-writable, and readable only to you and Apache.
  • View and edit your .htaccess file to force HTTPS, setup redirects, and more.

Quickstart Security

Short version

Potential permissions for writable directories and files

Permission 755 for directories and 644 for files
Worst case: 777 for directories and 666 for files

Potential permissions for /site/config.php

Recommended settings if you don't need write access:
400 [r--------] readable by owner (most secure, if it works)
440 [r--r-----] readable by owner and group (if 400 doesn't work)

Recommended settings if you need write access: 
600 [rw-------] readable and writable by owner (most secure, if it works)
640 [rw-r-----] readable and writable by owner, readable to group
660 [rw-rw----] readable and writable by owner and group

Not recommended unless nothing else will work:*
444 [r--r--r--] readable by all
644 [rw-r--r--] readable by all, writable to owner
664 [rw-rw-r--] readable by all, writable to owner and group


Assets

755 site/assets (recursive)
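
The permission tables above, turned into a check that can be run against an installation. This is an added example, not part of the original page or of ProcessWire; the function names are made up for illustration, and it assumes the standard layout with site/config.php and site/assets below the install root.

```shell
#!/bin/sh
# Added example: audit a ProcessWire tree against the permission tables above.
# Function names are hypothetical; the paths are the ones named on the page.

# Map a config.php mode to the tier the page puts it in.
classify_config_mode() {
    case "$1" in
        400|440)     echo "recommended-readonly" ;;
        600|640|660) echo "recommended-writable" ;;
        444|644|664) echo "not-recommended" ;;
        *)           echo "unlisted" ;;
    esac
}

# Print the octal mode of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# List world-writable entries, i.e. the 777/666 "worst case".
world_writable() {
    find "$1" \( -type d -o -type f \) -perm -0002 -print
}

# Return 0 only if config.php is in a recommended tier and everything
# under site/assets is 755 (directories) or 644 (files).
audit_pw() {
    root=$1
    rc=0
    mode=$(mode_of "$root/site/config.php")
    tier=$(classify_config_mode "$mode")
    echo "site/config.php: $mode ($tier)"
    case "$tier" in recommended-*) ;; *) rc=1 ;; esac

    bad=$(find "$root/site/assets" \
        \( -type d ! -perm 755 \) -o \( -type f ! -perm 644 \))
    if [ -n "$bad" ]; then
        echo "site/assets entries deviating from 755/644:"
        echo "$bad"
        rc=1
    fi
    ww=$(world_writable "$root/site/assets")
    if [ -n "$ww" ]; then echo "world-writable (worst case):"; echo "$ww"; fi
    return $rc
}

# Run the audit when an install root is given as the first argument.
if [ "$#" -gt 0 ]; then audit_pw "$1"; fi
```

A non-zero exit status means at least one path deviates from the tables, so the script can also be used as a deployment check.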

Further Considerations

Determining what user Apache runs as (<?php echo exec('whoami');)
Should /site/modules/ be writable?