How to make only the webroot folder visible to everyone?

Asked

Viewed 296 times

1

In the Cake documentation, it indicates there you should only have this folder visible to everyone. How can you do that? This protects my application’s code from being tampered with?

1 answer

2


webroot

The briefcase webroot automatically visible to all.

If you watch us .htaccess from Cakephp, you’ll see that in the end everything is redirected to.

And as you must surely know, if you access for example:

You will have the return of the file quietly, IE: everyone has direct access.

permissions

Now, as for permissions, I usually know the following:

  • 770 = app/tmp
  • 770 = uploads folder
  • 660 = the rest of the files

To add these permissions do the following:

chmod -R 660 /var/www/pasta_do_seu_site/
chmod -R 770 /var/www/pasta_do_seu_site/app/tmp/
chmod -R 770 /var/www/pasta_do_seu_site/app/webroot/uploads/

Change /var/www/pasta_do_seu_site/, by the correct directory of your server/machine.

  • chmod is the command responsible for applying permissions on Linux
  • -R means recursively

If on the server you only have access to Cpanel, there is the possibility to go to Folder explorer/Navigator and set the permissions of each folder manually and/or recursively.

Be absolutely sure of the folder that you reported to have no problems.

In general it means that:

  • tmp and uploads need to have permission to write, read and execute
  • The rest of the files need only read and write
  • In both cases, only the server user and/or belonging to its group can do so. Any other user cannot.

I believe that’s it.

Any questions leave a comment.

  • How can I add these permissions?

  • 1

    I edited the answer.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.