Setting File Permissions

From PGVWiki
Revision as of 00:41, 28 July 2010 by Ggpauly (talk | contribs) (Minor edits and changed link to additional security page)

Introduction

Once you've uploaded PGV to your webserver, you should set file access permissions to limit access to scripts and data files. If the permissions are too restrictive, PhpGedView won't be able to run. If the permissions are too lax, you risk unauthorised access to your data and your server.

Prerequisites

Before proceeding, you need to have some means of changing file permissions. This can be easily and securely done using a secure shell login (ssh). However, many users will not have this ability, and instead will need to use an FTP client. FileZilla is an excellent open source FTP client, and if you are using Firefox, the FireFTP add-on works very well; many other FTP clients are available. You should make sure your FTP client allows you to change file permissions, as some programs do not provide this facility. The Microsoft command-line FTP utility is one such unsuitable program.

(FTP has a number of security weaknesses. An alternative called Secure-FTP or SFTP exists which provides much better security. However, not all hosts allow you to connect via SFTP. If you have the option of using SFTP, then you are recommended to do so. If you don't understand this sentence then just ignore it and continue with FTP. The security risks, while real, are relatively small.)


It is helpful to understand unix file permissions and the chmod command, but not strictly necessary. At the very least, you should understand that your files can be accessed by two types of people: you and everyone else. You can set different permissions for you and everyone else. Permissions include the ability to read files, write files, access subdirectories and browse subdirectories.

Identifying the directories on your server

There are a number of ways in which your ISP can configure the web server. These instructions assume you've got a unix-style operating system and a standard configuration. If your server is set up differently, you can still apply the concepts below, but will need to adjust directories, access-permissions, etc.

Firstly, we need to identify three directories: the home, web and installation directories.

home directory

This is the login directory of your user account. When you connect by FTP, you will normally be placed in this directory by default. It will typically be called "/home/UserName" or "/users/UserName". On some servers, you can't see the path, and your home directory will be displayed as just "/".

web directory

This will either be the same as your home directory, or a subdirectory such as "public_html" or "www.YourDomain.com".

PhpGedView installation directory

This will either be the same as your web directory, or a subdirectory such as "PhpGedView". If you use a subdirectory, you will access your site as something like www.YourDomain.com/PhpGedView. If you don't use a subdirectory (i.e. your PhpGedView installation directory is the same as your web directory), then you will access your site as just www.YourDomain.com

As you can see, these three directories may all be the same, they may all be different, or two may be the same. A typical configuration might look like this:

/home/UserName/                        # home directory
/home/UserName/public_html             # web directory
/home/UserName/public_html/PhpGedView  # installation directory

This user might access their site with the URL http://www.MyIsp.com/~UserName/PhpGedView

Securing the index directory

If your home directory is different to your web directory, you can gain a little extra security by moving PhpGedView's index directory from the installation directory to the home directory. Once you've set your file permissions, you can do this by following the instructions here

Apache configuration

If you are using Apache as your webserver (the majority of ISPs use Apache), then it can run PHP scripts in one of two modes. The difference between the two modes is the identity of the process that runs PHP scripts.

Apache Module

When Apache runs PHP as a module, it executes scripts as itself. This is typically a lowly-privileged user account such as "www-user", "www-data", "nobody" or "web". This means that you need to set permissions so that this lowly-privileged user can access your files and directories. In other words, you have to make files accessible to everyone else.

CGI

When Apache runs PHP scripts using CGI, it executes scripts as you. This means that you can set more restrictive permissions, as only you need to access certain files.

How can you tell which of the two modes you have? The answer is to look for a file that has been created by PhpGedView, such as uploaded media/gedcom/log files, using your FTP client. If the file is owned by you (i.e. your login name), then PHP is run in CGI mode. If it is owned by "www-user" or similar, then PHP is run as an Apache module. If you don't know or don't understand the question, assume your scripts are run as an Apache module. The settings for this option will work for both modes.

Setting Permissions

You need to set different permissions for files and directories. The table below shows which permissions need to be given to which file or directory.

To save space in this table, we use [home], [web] and [install] to refer to the directories identified above. * means all files in the directory.

| Directory / File | Apache module | CGI | Notes |
|---|---|---|---|
| [home], [web] and [install] | 711 | 711 | apache needs to access (but not browse) these directories |
| [install]/config.php | 444 | 400 | PHP needs to write to this file when editing your site config using the editconfig.php page. You must temporarily change this to 666 (module) or 600 (CGI) to save your changes. |
| [install]/index (and subdirectories) | 777 | 700 | PHP needs to create/delete files in this directory. |
| [install]/index/* (and files in subdirectories) | 666 | 600 | PHP needs to read/write these files. |
| [install]/media (and subdirectories) | 777 | 711 | apache needs to access this directory. PHP needs to browse it. |
| [install]/media/* (and files in subdirectories) | 666 | 644 | apache needs to read these files. PHP needs to write them. |
| [install]/modules (and subdirectories) | 777 | 711 | apache needs to access this directory. PHP needs to browse it. |
| [install]/modules/* (and files in subdirectories) | 666 | 644 | apache needs to read these files. PHP needs to write them. |
| all other directories and subdirectories in [install] | 711 | 711 | PHP needs to access these directories |
| all other files in [install] and other subdirectories | 644 | 644 | PHP needs to read these files |
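
For users with ssh access, the permission table above and the file-ownership check described under "Apache configuration" can be applied in one pass. This shell script is an added example, not part of PhpGedView; the function names pgv_detect_mode and pgv_apply_perms are hypothetical, and [home] and [web] still need a separate chmod 711.

```shell
#!/bin/sh
# Added example, not part of PhpGedView. Assumes a unix-style host with shell access.
# Usage: pgv_apply_perms /home/UserName/public_html/PhpGedView "$(pgv_detect_mode FILE)"

# FILE must be one that PhpGedView itself created (uploaded media, GEDCOM, log).
# Owned by you -> cgi. Owned by someone else, or not found -> module, which is
# the setting the page says works in both modes.
pgv_detect_mode() {
    if [ -n "$(find "$1" -prune -user "$(id -u)" 2>/dev/null)" ]; then
        echo cgi
    else
        echo module
    fi
}

# $1 = [install], $2 = module|cgi, $3 = index directory (defaults to [install]/index,
# pass the new location if you moved it to your home directory)
pgv_apply_perms() {
    install=$1; mode=${2:-module}; index=${3:-$install/index}
    case $mode in
        module) cfg=444; idx_d=777; idx_f=666; rw_d=777; rw_f=666 ;;
        cgi)    cfg=400; idx_d=700; idx_f=600; rw_d=711; rw_f=644 ;;
        *) echo "mode must be 'module' or 'cgi'" >&2; return 2 ;;
    esac
    [ -f "$install/config.php" ] || { echo "no config.php in $install" >&2; return 1; }

    # Last two rows of the table first: all directories 711, all files 644.
    find "$install" -type d -exec chmod 711 {} +
    find "$install" -type f -exec chmod 644 {} +
    chmod "$cfg" "$install/config.php"

    # Then the areas PHP writes to: index, media and modules.
    if [ -d "$index" ]; then
        find "$index" -type d -exec chmod "$idx_d" {} +
        find "$index" -type f -exec chmod "$idx_f" {} +
    fi
    for d in media modules; do
        [ -d "$install/$d" ] || continue
        find "$install/$d" -type d -exec chmod "$rw_d" {} +
        find "$install/$d" -type f -exec chmod "$rw_f" {} +
    done
}
```

Before saving changes through editconfig.php, config.php still has to be switched by hand to 666 (module) or 600 (CGI) and back afterwards, as the table notes.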