File permission such as 606, 707 is no longer work with mod-php?

Discussion in 'Installation/Configuration' started by holykim, Mar 5, 2012.

  1. holykim

    holykim Member


    My customers use the file permissions 606 and 707 for their files and folders with mod-php. It worked fine with ISPConfig 3.0.3.x.

    Recently I am noticed by my customer that it is no longer work with the error "permission denied".

    I only can remember I did upgrade ISPConfig 3.0.3.x to ISPConfig and nothing else. When I visit my customer's website it can not read some files which have the file permission 606. I changed the permission from 606 to 666 and then it works.

    The user and group created by ISPConfig 3 such as web227 and client102. Please advise.

    Thanks in advance.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    First of all, the recommended php mode for websites that write to the web folder is "php-fcgi" in conjunction with suexec enabled. mod_php should not be used as it requires insecure folder permissions to write to the web folders and bdeside that its insecure as it runs as apache user and not website user. So you really should consider to switch the php mode.

    Beside that, you should first update to ispconfig Then check the security mode under System > Server config > web, it should be set to "High".
  3. holykim

    holykim Member

    Hi Till

    Thanks for your advice and I fully understand what you recommend.

    However, I have a problem with the existing customers who use mod-php and 606, 707 file permissions. My customers use the CMS tools that require 606, 707 file permissions and I found they hard coded in their PHP script like chmod("/data/file", 0707); chmod("file.jpg", 0606);

    Can you please let me know if ISPConfig 3.0.4 has any changes related to this? The problem is they are existing customers and it worked so I can explain about the insecure permissions to them but I can't tell them to change their codes.

    Please advise.

Share This Page