ProcessWire - Security


Securing ProcessWire

A detailed explanation is available at

https://processwire.com/docs/security/

Installer suggestions

  • Note that future runtime errors are logged to /site/assets/logs/errors.txt (not web accessible).
  • For more configuration options see /wire/config.php and place any edits in /site/config.php.
  • Consider making your /site/config.php file non-writable, and readable only to you and Apache.
  • View and edit your .htaccess file to force HTTPS, setup redirects, and more.

Quickstart Security

Short version

Potential permissions for writable directories and files

Permission 755 for directories and 644 for files
Worst case: 777 for directories and 666 for files

Potential permissions for /site/config.php

Recommended settings if you don't need write access:
400 [r--------] readable by owner (most secure, if it works)
440 [r--r-----] readable by owner and group (if 400 doesn't work)

Recommended settings if you need write access: 
600 [rw-------] readable and writable by owner (most secure, if it works)
640 [rw-r-----] readable and writable by owner, readable to group
660 [rw-rw----] readable and writable by owner and group

Not recommended unless nothing else will work:*
444 [r--r--r--] readable by all
644 [rw-r--r--] readable by all, writable to owner
664 [rw-rw-r--] readable by all, writable to owner and group


Assets

755 site/assets (recursive)
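
The permission lists above can be checked mechanically. The script below is an added example, not part of the original page or of ProcessWire: it classifies the mode of site/config.php against the three lists and flags world-writable entries under site/assets. The function names are hypothetical, and it assumes GNU or BSD stat is available.

```shell
#!/bin/sh
# Added example: audit a ProcessWire tree against the permission lists above.
# Function names are hypothetical; paths follow the page (site/config.php,
# site/assets) relative to the installation root given as argument.

# Print the octal mode of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Map a /site/config.php mode to the page's three categories.
classify_config_mode() {
    case "$1" in
        400|440)     echo "recommended-readonly" ;;
        600|640|660) echo "recommended-writable" ;;
        444|644|664) echo "not-recommended" ;;
        *)           echo "unlisted" ;;
    esac
}

# Audit one installation; prints findings, returns 1 if anything is flagged.
audit_pw_perms() {
    root=$1
    status=0
    cfg="$root/site/config.php"
    if [ -f "$cfg" ]; then
        mode=$(file_mode "$cfg")
        verdict=$(classify_config_mode "$mode")
        echo "config.php mode $mode: $verdict"
        case "$verdict" in recommended-*) ;; *) status=1 ;; esac
    else
        echo "config.php not found under $root"
        status=1
    fi
    # World-writable entries under site/assets (the 777/666 "worst case").
    if [ -d "$root/site/assets" ]; then
        ww=$(find "$root/site/assets" \( -type d -o -type f \) -perm -0002)
        if [ -n "$ww" ]; then
            echo "world-writable under site/assets:"
            echo "$ww"
            status=1
        fi
    fi
    return $status
}

# Run the audit when an installation root is passed on the command line.
if [ "$#" -gt 0 ]; then audit_pw_perms "$1"; fi
```

A non-zero exit status means config.php is outside the two recommended lists or something under site/assets is world-writable.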

Further Considerations

Determining what user Apache runs as (<?php echo exec('whoami');)
Should /site/modules/ be writable?