ProcessWire - Sicherheit

Aus Wikizone
Version vom 16. April 2019, 07:54 Uhr von 37.49.72.8 (Diskussion) (Die Seite wurde neu angelegt: „== ProcessWire absichern == Ausführliche Erläuterung gibt's auf https://processwire.com/docs/security/ '''Kurzform''' '''Potential permissions for writab…“)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche

ProcessWire absichern

Ausführliche Erläuterung gibt's auf 

https://processwire.com/docs/security/

Kurzform

Potential permissions for writable directories and files 

Permission 755 for directories and 644 for files
Worst case: 777 for directories and 666 for files

Potential permissions for /site/config.php 

Recommend settings if you don't need write access: 
400 [r--------] readable by owner (most secure, if it works)
440 [r--r-----] readable by owner and group (if 400 doesn't work)

Recommended settings if you need write access: 
600 [rw-------] readable and writable by owner (most secure, if it works)
640 [rw-r-----] readable and writable by owner, readable to group
660 [rw-rw----] readable and writable by owner and group

Not recommended unless nothing else will work:*
444 [r--r--r--] readable by all
644 [rw-r--r--] readable by all, writable to owner
664 [rw-rw-r--] readable by all, writable to owner and group


Assets 

755 site/assets (rekursiv)

Determining what user apache runs as Should /site/modules/ be writable?

Abgerufen von „https://wiki.stephanschlegel.de/index.php?title=ProcessWire_-_Sicherheit&oldid=23813