welcha19
10-10-2011, 11:15 PM
Since suexec allows apache to run php scripts as the owner of the script then couldn't you restrict all permissions for the group and other on all php scripts? Of course, non-php files such as html, images, js etc and directories would still need to be readable by other so that 'nobody' could access them?
So would something like this work? And, do the group permissions even matter?
0755 Directories
0600 General PHP Scripts
0400 Configuration Scripts (wp-config.php or scripts with sensitive info)
0644 Standard HTML files, Stylesheets, Images, JS Files, Etc.
0755 Perl / CGI Scripts
I'm somewhat of a unix beginner so let me know if I'm on the right track. Also, how does bluehost currently prevent me from accessing another user's home directory on a shared server?
So would something like this work? And, do the group permissions even matter?
0755 Directories
0600 General PHP Scripts
0400 Configuration Scripts (wp-config.php or scripts with sensitive info)
0644 Standard HTML files, Stylesheets, Images, JS Files, Etc.
0755 Perl / CGI Scripts
I'm somewhat of a unix beginner so let me know if I'm on the right track. Also, how does bluehost currently prevent me from accessing another user's home directory on a shared server?