1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.1 CHMOD Permissions

Discussion in 'XenForo Questions and Support' started by TheJoker, Apr 3, 2013.

  1. TheJoker

    TheJoker Member

  2. Jake Bunce

    Jake Bunce XenForo Moderator Staff Member

    You only need to worry about data and internal_data. Those directories should be writable which means either 777 or 755 permissions depending on the server configuration. Everything else can be left as default which is usually 755 for directories and 644 for files.
  3. TheJoker

    TheJoker Member

    Hmm. I was getting a Permission denied error for some of the phrase files in internal_data/templates/, so I ended up having to change everything in there too. It's fixed at 777 but it's only a matter of time before I have to change another phrase.
  4. Jake Bunce

    Jake Bunce XenForo Moderator Staff Member

    All subdirectories should be writable as well. Apparently the permissions are inconsistent within that directory on your server. If you have shell access then try running these commands to recursively set permissions in those directories:

    chmod -R 777 data
    chmod -R 777 internal_data
  5. TheJoker

    TheJoker Member

    Did that, but thank you for the help anyway!

    My only concern is, should I recursively set 777 to directories and files in internal_data and data? Or just directories?

    Thanks again, Jake!
  6. Jake Bunce

    Jake Bunce XenForo Moderator Staff Member

    Directories should be enough.
  7. TheJoker

    TheJoker Member

    Odd. Not working without the files in /internal_data/templates/ set to 777. I'll post an error log when I wake up tomorrow. For right now thank you for the help, especially this late at night.
  8. zooki

    zooki Active Member

    Isn't this a security risk? I spoke to rackspace engineers who said that folders should not be set to 777, - if you have other sites then there is a risk of cross-site contamination from hackers. (i have had that problem)

    So although Xenforo might be secure, if you have wordpress or anything else which allows a hacker in, you run the risk of having them run amock throughout your directories.

    I want to know precisely the safest chmod we can set for files and directories. i.e. should config.php be set to 444? directories 555 etc
    Last edited: Nov 26, 2013
  9. Mike

    Mike XenForo Developer Staff Member

    The precise "ideal" values are very dependent on your server setup. It depends what user runs the scripts, the level of access you have to the server, and the general comfort level you might have dealing with chmod/chown as root.

    The only thing that XF really cares about is whether the user running PHP can write to the files. If you don't set a preference in config.php, XF will make a reasonable guess and either 0666 or 0644 the files (add the execute bit for folders). Unless you have a problem with the default or understand the consequences of changing this, I probably wouldn't override the default behavior.

Share This Page