File permissions with Plesk and PHP

[thedust2010]

I am having horrible problems with Plesk and file permissions. It seems way too restrictive. We have had to resort to using PHP's FTP commands in order to create folders on a website, but even after we create a folder, once we try to place an image in that folder, we are unable to do so. We try to chmod the newly created directory to 777, but are only able to do so when we log in to FTP and not in our PHP code. Has anyone else run into these problems and have a solution for how to ease up the file restrictions? This seems like overkill.

 

[hardweb]

PHP is running with apache permissions and it's normal that you can not chown or create files inside a psacln folder. This is a good thing, because most servers are hacked using PHP. If it would run with other permissions, the hacker will be able to trash websites as well.

 

[thedust2010]

That is all fine and well, but we are building an application that requires us to upload files and place them in folders. Regardless of the security threat, this needs to happen. Any idea how to accomplish this?

 

[DCoats]

login ssh and chown apache:apache the folders in which php needs to edit files.
If this is your server then I would suggest at the least installing mod_security to help protect some of the content.

 

[Xtreme-IT]

Originally posted by hardweb
PHP is running with apache permissions and it's normal that you can not chown or create files inside a psacln folder.

Using a php uploadscript like used in Mambo/Joomla the file is owned by apache, but how is that using the File Manager through the Plesk admin interface, the file gets the client ownership?

I want Joomla to have this behaviour too, but no matter what the files get owned by apache.

p.s. I tried to install suPHP, but this doesn't work on FreeBSD.