• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.1 CHMOD Permissions

Jake Bunce

XenForo moderator
Staff member
#2
You only need to worry about data and internal_data. Those directories should be writable which means either 777 or 755 permissions depending on the server configuration. Everything else can be left as default which is usually 755 for directories and 644 for files.
 
#3
You only need to worry about data and internal_data. Those directories should be writable which means either 777 or 755 permissions depending on the server configuration. Everything else can be left as default which is usually 755 for directories and 644 for files.
Hmm. I was getting a Permission denied error for some of the phrase files in internal_data/templates/, so I ended up having to change everything in there too. It's fixed at 777 but it's only a matter of time before I have to change another phrase.
 

Jake Bunce

XenForo moderator
Staff member
#4
Hmm. I was getting a Permission denied error for some of the phrase files in internal_data/templates/, so I ended up having to change everything in there too. It's fixed at 777 but it's only a matter of time before I have to change another phrase.
All subdirectories should be writable as well. Apparently the permissions are inconsistent within that directory on your server. If you have shell access then try running these commands to recursively set permissions in those directories:

Code:
chmod -R 777 data

chmod -R 777 internal_data
 
#5
All subdirectories should be writable as well. Apparently the permissions are inconsistent within that directory on your server. If you have shell access then try running these commands to recursively set permissions in those directories:

Code:
chmod -R 777 data

chmod -R 777 internal_data
Did that, but thank you for the help anyway!

My only concern is, should I recursively set 777 to directories and files in internal_data and data? Or just directories?

Thanks again, Jake!
 
#7
Odd. Not working without the files in /internal_data/templates/ set to 777. I'll post an error log when I wake up tomorrow. For right now thank you for the help, especially this late at night.
 

zooki

Active member
#8
Isn't this a security risk? I spoke to rackspace engineers who said that folders should not be set to 777, - if you have other sites then there is a risk of cross-site contamination from hackers. (i have had that problem)

So although Xenforo might be secure, if you have wordpress or anything else which allows a hacker in, you run the risk of having them run amock throughout your directories.

I want to know precisely the safest chmod we can set for files and directories. i.e. should config.php be set to 444? directories 555 etc
 
Last edited:

Mike

XenForo developer
Staff member
#9
The precise "ideal" values are very dependent on your server setup. It depends what user runs the scripts, the level of access you have to the server, and the general comfort level you might have dealing with chmod/chown as root.

The only thing that XF really cares about is whether the user running PHP can write to the files. If you don't set a preference in config.php, XF will make a reasonable guess and either 0666 or 0644 the files (add the execute bit for folders). Unless you have a problem with the default or understand the consequences of changing this, I probably wouldn't override the default behavior.