As they come "out of the box", all .php files (under /includes/modules, for example) have permissions of 755.
I know about the requirement of changing the two configure.php files ASAP to 444 or 644 -- done already .
But what about all the others? Is this OK (from security standpoint) to leave them at 755?
If not, they why do they default to 755?
Bookmarks