{"id":677,"date":"2009-12-23T11:39:45","date_gmt":"2009-12-23T17:39:45","guid":{"rendered":"https:\/\/webhostinggeeks.com\/blog\/?p=677"},"modified":"2009-12-23T11:39:45","modified_gmt":"2009-12-23T17:39:45","slug":"understanding-permission-types-for-website-security","status":"publish","type":"post","link":"https:\/\/webhostinggeeks.com\/blog\/understanding-permission-types-for-website-security\/","title":{"rendered":"Understanding Permission Types for Website Security"},"content":{"rendered":"<p>If you are running a website on a Unix or Linux server, it is important to know that many of your files and directories must be provided with the right permissions in order to function properly.\u00a0\u00a0 In the world of Unix-like platforms, the process of giving permissions is known as change mode or simply, CHMOD.\u00a0 While you definitely want the files and directories of your website to work properly, it is also imperative to set the right permissions for security purposes.<\/p>\n<p><strong>CHMOD Permission Types <\/strong><\/p>\n<p>There are three types of permission in the Unix environment: Read, Write and Execute.\u00a0 Below is an explanation on what each type of access means:<\/p>\n<p><strong>Read<\/strong> &#8211; This permission provides access that allows files to be read.\u00a0 When applied to directory, it allows the names of files in a particular directory to read.\u00a0 However, it does not disclose the type, size, permissions or any other information about the files.<\/p>\n<p><strong>Write <\/strong>&#8211; This permission provides access that allows a file to be modified.\u00a0 When applied to a directory, it allows files in a particular directory to be modified.\u00a0 This includes creating, renaming and deleting files.<\/p>\n<p><strong>Execute<\/strong> &#8211; This permission provides access that allows a file to be executed.\u00a0 The execute permission must be set for shell scripts and executable binaries in order for them to be run on the underlying operating system. When applied to a directory, it provides access that allows files and subdirectories to be accessed, but not read.\u00a0 Files and subdirectories can only be viewed if the directory that contains them is set to read.<\/p>\n<p><strong>CHMOD User Types<\/strong><\/p>\n<p>The above permissions apply to three types of users: the User, Group and Other. The User is the owner of the file and the one that has complete control.\u00a0 The Group is the group of users that own the file.\u00a0 This permission can be useful for a website that has group of people working on a project.\u00a0 In this instance, you could give access to those users and restrict it from others.\u00a0 Other refers to anyone that does not own in a file or belong in a group of users associated with the file.\u00a0\u00a0 So if you set a file to this permission, it will automatically affect everyone else.\u00a0 For this reason, Other is often referred to as \u201cthe rest of the world\u201d.<\/p>\n<p><strong>Defaults and Warnings<\/strong><\/p>\n<p>Files on a Unix server are usually set to 644 by default.\u00a0 This simply means that the owner of the file has the ability to read and write to it, while everyone else only have read access.\u00a0 Directories in the Unix environment are usually set to 755.\u00a0 This means that the owner has complete authority over the directory while every else can only read and execute the files it contains.\u00a0 One permission you definitely want to be careful with is CHMOD 777.\u00a0 When applying this setting, anyone will have the ability to read, write and execute your files or directories.\u00a0 This is equivalent to leaving your website open to the world and making it easy for hackers to compromise.<\/p>\n<p><strong>CHMOD Tools<\/strong><\/p>\n<p>While a shell prompt can be used to set permissions, many website owners choose to take the easy route by using an FTP client.\u00a0 The CHMOD option can usually be accessed through menus or by hovering the mouse over a file or directory and choosing the correct option.\u00a0 How you access it all depends on the FTP software.\u00a0 In most cases, you simply check the properties, or enter the corresponding permission numbers in the provided text box to set permissions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you are running a website on a Unix or Linux server, it is important to know that many of your files and directories must be provided with the right&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wds_primary_category":0,"footnotes":""},"categories":[9],"tags":[1451,1450,61,1564,567],"class_list":["post-677","post","type-post","status-publish","format-standard","hentry","category-security-issues","tag-change-mode","tag-chmod","tag-linux","tag-permissions","tag-unix"],"views":82,"_links":{"self":[{"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/posts\/677","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/comments?post=677"}],"version-history":[{"count":0,"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/posts\/677\/revisions"}],"wp:attachment":[{"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/media?parent=677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/categories?post=677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/blog\/wp-json\/wp\/v2\/tags?post=677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}