In the Cake documentation, it indicates there that you should only have this folder visible to everyone. How can you do that? Does this protect my application code from being tampered with?
How to make only the webroot folder visible to everyone?
1
asked by anonymous 18.06.2014 / 16:33
1 answer
2
webroot
The webroot folder is automatically visible to everyone.
If you look at the% s of CakePHP%, you will see that everything is redirected afterwards.
And as you certainly should know, if you access for example:
You will have a smooth return of the file, that is: everyone has direct access.
permissions
Now, regarding permissions, I usually hide the following:
- 770 =
.htaccess - 770 = Upload folder
- 660 = the rest of the files
To add these permissions do the following:
chmod -R 660 /var/www/pasta_do_seu_site/
chmod -R 770 /var/www/pasta_do_seu_site/app/tmp/
chmod -R 770 /var/www/pasta_do_seu_site/app/webroot/uploads/
Change app/tmp , to the correct directory of your server / machine.
-
/var/www/pasta_do_seu_site/is the command responsible for applying permissions on Linux -
chmodmeans recursively
If the server has access only to CPanel, you can go to folder explorer / navigator and set the permissions of each folder manually and / or recursively.
Absolutely sure of the folder you entered so you do not have problems.
Overall it means that:
-
-Randtmpneed write, read, and execute permission - The rest of the files need only read and write
- In both cases, only the user of the server and / or belonging to his group can do this. Any other user can not.
I think that's it.
Any questions leave a comment.
18.06.2014 / 18:14