Currently set to No Index

Understanding Permission Types for Website Security

If you are running a website on a Unix or Linux server, it is important to know that many of your files and directories must be provided with the right permissions in order to function properly.   In the world of Unix-like platforms, the process of giving permissions is known as change mode or simply, CHMOD.  While you definitely want the files and directories of your website to work properly, it is also imperative to set the right permissions for security purposes.

CHMOD Permission Types

There are three types of permission in the Unix environment: Read, Write and Execute.  Below is an explanation on what each type of access means:

Read – This permission provides access that allows files to be read.  When applied to directory, it allows the names of files in a particular directory to read.  However, it does not disclose the type, size, permissions or any other information about the files.

RELATED:   What Will Be the Biggest Hosting Trends for 2015?

Write – This permission provides access that allows a file to be modified.  When applied to a directory, it allows files in a particular directory to be modified.  This includes creating, renaming and deleting files.

Execute – This permission provides access that allows a file to be executed.  The execute permission must be set for shell scripts and executable binaries in order for them to be run on the underlying operating system. When applied to a directory, it provides access that allows files and subdirectories to be accessed, but not read.  Files and subdirectories can only be viewed if the directory that contains them is set to read.

CHMOD User Types

The above permissions apply to three types of users: the User, Group and Other. The User is the owner of the file and the one that has complete control.  The Group is the group of users that own the file.  This permission can be useful for a website that has group of people working on a project.  In this instance, you could give access to those users and restrict it from others.  Other refers to anyone that does not own in a file or belong in a group of users associated with the file.   So if you set a file to this permission, it will automatically affect everyone else.  For this reason, Other is often referred to as “the rest of the world”.

RELATED:   How to Keep Your Server Safe From Common Security Problems

Defaults and Warnings

Files on a Unix server are usually set to 644 by default.  This simply means that the owner of the file has the ability to read and write to it, while everyone else only have read access.  Directories in the Unix environment are usually set to 755.  This means that the owner has complete authority over the directory while every else can only read and execute the files it contains.  One permission you definitely want to be careful with is CHMOD 777.  When applying this setting, anyone will have the ability to read, write and execute your files or directories.  This is equivalent to leaving your website open to the world and making it easy for hackers to compromise.

RELATED:   Parallel's Plesk: Flexibility and Functionality

CHMOD Tools

While a shell prompt can be used to set permissions, many website owners choose to take the easy route by using an FTP client.  The CHMOD option can usually be accessed through menus or by hovering the mouse over a file or directory and choosing the correct option.  How you access it all depends on the FTP software.  In most cases, you simply check the properties, or enter the corresponding permission numbers in the provided text box to set permissions.

How-to Start a Blog – Review of the Best 10 Blogging Platforms
How-to Start a Blog – Review of the Best 10 Blogging Platforms

If you want to start a blog as fast as possible, then you need to consider choosing a blogging platform. Thankfully, there are some excellent free and paid blogging platforms...

How Referral Marketing Can Benefit Web Hosts
How Referral Marketing Can Benefit Web Hosts

Even if the niche of web hosts are fully loaded with a lot of companies they are still one of the easiest to promote because you could write your own...

Broken Links: How to Find, Fix, and Benefit from Broken Links
Broken Links: How to Find, Fix, and Benefit from Broken Links

Links are what holds the web together. Essentially, the web is named as such because of the ability for pages and sites to link to other sources and relevant information....

Brand Value & the Most Powerful Brands (with Infographic)
Brand Value & the Most Powerful Brands (with Infographic)

Brand value – everyone wants it, however, only few are able to achieve it. The subject of “brand value” holds a significant position amongst marketers, executives, and entrepreneurs. Let’s discuss...

Reasons why your business should shift to Cloud hosting
Reasons why your business should shift to Cloud hosting

Cloud hosting has been on the rise since its inception. The improvement to your website performance and business efficiency that comes with Cloud hosting is almost tangible.

Why We Love the IT Support Career?
Why We Love the IT Support Career?

In almost all of my posts I was talking about the stressful side of the IT – the long hours, end user issues, migrations, midnight calls and the like. But...

IT Manager: Ways To Show Your Appreciation To Your Team
IT Manager: Ways To Show Your Appreciation To Your Team

Surely your team struggled hard and made things happen. You cannot say “this is what you get paid for” and just leave – you cannot keep your IT staff that...

Feeling Insecure In Your Current Job Position?
Feeling Insecure In Your Current Job Position?

Job security is one of our primary concerns. We everyday we live with the question of whether or not we will be working the next day. Loyalty is not the...

Leave a Reply

Your email address will not be published. Required fields are marked *