security concern #4
Comments
|
Indeed chmod-ing 777 your entire demo site might create risks (you must check if such risks are an issue for you - do not forget we are talking about demo websites). But due to the way the script works, you must ensure PHP has permissions to wipe out your entire demo site and re-create every file on it. There's been some time I have uploaded this but I believe there should not be any issue putting the backup folder somewhere else, out of the www-root, with a different CHMOD on it. Yet, simply chmoding 777 a folder on your host will not allow visitors to freely edit and create folders and files on your host - they will need to have access to your host to do so, and if they manage to reach such point, most probably the demo section of the website will be your last concern... |
|
your telling me my host has been controlling everything for 2 years now and i dont know who the host is |
Give writting permission (CHMOD 777) in ALL your demo site, using your FTP or SSH client. This includes your script as well as the Open Demo Reset folder. Do not forget anything.If all files are 777 even the backup folder, doesnt that mean that its easy for them to access that folder and make changes/inject?
The text was updated successfully, but these errors were encountered: