homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

empty index.php Vs CHMOD 0773
Image folder security

 2:34 pm on Oct 2, 2007 (gmt 0)


My Server is Apache/PHP

I was setting image folder to 0773 but then i found that i need to use php to read directory image and delete some every some period, so it should be 0777 to be able to do that!

So my question, is it as safe to just put an empty index.php file in the image folder like setting it to 0773?

Thanks in advance



 7:06 am on Oct 4, 2007 (gmt 0)

- i'm not sure that putting an empty index.php is going to do anything useful for you.

- setting the user permission to 3 makes it unusable as a directory by the non-owner/group since it is not readable.
it should be either a 5 for a readable directory or a 7 for a read/write directory.


 2:34 pm on Oct 6, 2007 (gmt 0)

Turn off indexes for the directory and don't worry about perms.

Options -Indexes



 4:34 pm on Oct 6, 2007 (gmt 0)

OK, back up - we are talking about two different kinds of security here.

An empty index.html will serve web browsers an empty page. (Presuming your server is set to use index.html as a default page.) This will prevent browsers from seeing an index of your files, which they might if you had no default page.

However, the other method mentioned above is better for this purpose.

Unix/Linux file permission are used to control access to files by other users logged-in to a shell. If you are on a shared server, you need to use file permissions to prevent other customers of the hosting service from seeing or altering your files.

If you are on a dedicated server or a VPS, which you control exclusively, file permissions are less important - you probably have no other shell users.

However, you probably should still concern yourself with file permissions, as you may from time to time have others (employees, consultants) working on your machine, and may wish to make access available on a "need to know" basis. As well, careful use of file permissions can help control any successful break-in or exploit to your site that gives an attacker control of a non-root account.

[edited by: jtara at 4:34 pm (utc) on Oct. 6, 2007]


 4:34 pm on Oct 6, 2007 (gmt 0)

where to turn it off?


 4:51 pm on Oct 6, 2007 (gmt 0)

Thanks, am having VPS so it sounds like its not a problem as there are no other user/employees working on my site.

Thanks again!

Global Options:
 top home search open messages active posts  

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved