File access permissions

[gosvald]

Recently my ISP started using suPHP. As a result I got error message that my configure.php is writable on the top of my web site. I changed permissions from 755 into
511 and the message dissapeared. What is the minimal setting that I can set the permissions to?
Are there any files that need to be writable at all times? Unless I am editing the site I would like to set everything in to 500 or 511. Would ZeCart work?

Regards

George

[DrByte]

Moving this thread to the Installation forum.


For files, the minimum is really dependent on your server's configuration, and EVERY one is different.

For files, 644 is common, 444 is usually used for tighter systems, and even 400 may work in limited cases.
For files that need to be processed directly by the browser, they need to be at least 500 to work (the 5 means read and eXecute)

Folders are typically 755 (most common), with 655 or 644 being next in line if your server dictates such a need.

The only folders that would need to be 777 would be:
- cache -- if using file-based sql/session caching
- images/uploads -- if allowing customers to upload files
- admin/images/graphs -- if you want the admin to generate graphs for banner-usage data
All the other folders that our docs recommend 777 for are really only needed at 777 if you are editing or uploading files via the Admin area. If you use FTP instead, they can be set to lower values for better security.