mlex Posted March 31, 2017 Posted March 31, 2017 When I upload files/folders to my user dir, I'm getting odd permissions(775, 664) and sometimes even none(for some folders) and I must change them manually... As far as I can say, this should be done on the server side config somehow. Could anyone assist me with this, please?
Byron Posted March 31, 2017 Posted March 31, 2017 It only does this with SSH settings: SFTP - SSH File Transfer Protocol If you'll upload with these settings instead, the file permissions will be correct: FTP - File Transfer Protocol Use explicit FTP over TLS if available
mlex Posted March 31, 2017 Author Posted March 31, 2017 Thanks Byron, but would this be less secured than with SFTP - SSH method?
Krydos Posted March 31, 2017 Posted March 31, 2017 I highly recommend using SFTP for the encryption because the world in general seems to be moving towards the idea that any company or ISP or government is entitled to snoop on all of our data traffic, but that's just my personal politics I suppose. Just be aware that if you do use unencrypted FTP it's fairly trivial to intercept your data to sell it or use it against you. Regarding the file permissions, I implemented a permission mask that would force the files to be uploaded with more sensible permissions but it ended up breaking a lot of other things so I put it back the way it was. Most FTP clients you can just right click and change the permissions. I just tested it with filezilla (a very commonly used ftp client) and you can even right click a directory and set the permissions to 644 for all files recursively in the directory. So you could just do that on your public_html each time you upload something. It's only a few extra mouse clicks.
mlex Posted April 1, 2017 Author Posted April 1, 2017 Yes, exactly... This will be less secure using theUse explicit FTP over TLS if available I'm actually using the FileZilla client, but doing this for each file is... frustrating CHMODing public_html... well, isn't that not the right way to go? I mean obviously there could(and will) be files I don't want to CHMOD as usual ones, .htaccess for example, or just random other files I don't want to CHMOD as usual ones for security reasons, but yet, locate them within the public_html folder.UPDATE: Hm... Seems like CHMODing files with 644 is actually enough secured even for sensitive files. Am I getting this right?
Byron Posted April 1, 2017 Posted April 1, 2017 UPDATE: Hm... Seems like CHMODing files with 644 is actually enough secured even for sensitive files. Am I getting this right? Yes
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now