Z
ZX81Pro
Guest
Hi,
I run several Joomla sites on my Plesk linux server.
The problem is if a client upload a file via Joomla he can't delete it via FTP because the file don't belong to him (PHP -> belong to apache).
I'm looking for a SECURE solution to avoid this permission problem and to avoid security problems.
Non-secure : CHMOD 777 !
suEXEC : not tested...
I found this on http://rackerhacker.com/2007/05/20/joomla-and-plesk-permissions/:
Change the umask in '/etc/proftpd.conf' to 002 and add the 'apache' user to the 'psacln' group. Then, update the directory permissions:
cd /home/httpd/vhosts/[domain.com]
chown -R [username]: psacln httpdocs
chmod -R g+w httpdocs
find httpdocs -type d -exec chmod g+s {} \;
Do you think it's secure ?
With umask the defaut permissions are for directories 775 and for files 664.
How do you work with Joomla and Plesk ?
Thanks a lot.
ZX81Pro
Belgium
I run several Joomla sites on my Plesk linux server.
The problem is if a client upload a file via Joomla he can't delete it via FTP because the file don't belong to him (PHP -> belong to apache).
I'm looking for a SECURE solution to avoid this permission problem and to avoid security problems.
Non-secure : CHMOD 777 !
suEXEC : not tested...
I found this on http://rackerhacker.com/2007/05/20/joomla-and-plesk-permissions/:
Change the umask in '/etc/proftpd.conf' to 002 and add the 'apache' user to the 'psacln' group. Then, update the directory permissions:
cd /home/httpd/vhosts/[domain.com]
chown -R [username]: psacln httpdocs
chmod -R g+w httpdocs
find httpdocs -type d -exec chmod g+s {} \;
Do you think it's secure ?
With umask the defaut permissions are for directories 775 and for files 664.
How do you work with Joomla and Plesk ?
Thanks a lot.
ZX81Pro
Belgium