Joomla installation file permissions

There's no way just changing everything to or is sufficient for any real website, let alone one under current development. Actually, one way this would work to set everything to or is if you changed the ownership of all files to that of the web server, and also only access it for file uploads as the web server user. That is not a secure way to do it. The files were all changed to be owned by 'joomadmin' when the installation was set up, with the 'apache' users in the same group as 'joomadmin'.

This creates a problem when the joomla administrator uses in the front-end to install modules or otherwise make modifications. Files then become owned by the 'apache' user, making it not possible for the 'joomadmin' to then edit or change the same file. Forum Post Assistant v1. Instance :: Joomla! Setup From Joomla! Other languages:. Security Checklist. Categories : Article split requests Security Checklist. It has been suggested that this article or section be split into multiple pages.

Add a comment. Active Oldest Votes. Is ok. Improve this answer. Sacx Sacx 2, 14 14 silver badges 13 13 bronze badges. Milan Kerslager Milan Kerslager 3 3 silver badges 9 9 bronze badges. Wow thank you very much, this seems much safer. Sometimes we upload files and save them to the server, but I guess this upload directory should be the only one with write permissions.

Sign up or log in Sign up using Google. Sign up using Facebook. Sign up using Email and Password. Then apply the applicable recommended settings below to your Windows based server. Note: On file permissions, in general never use if you don't know what you are doing.

There are a variety of methods to view the permissions of your website's files. Each octal digit corresponds to a group of three letters in a specific group.

Therefore, the three digits also corresponds to each group as a set of permissions:.