Skip to main content

File Permission 0600 problem

Comments

5 comments

  • GOT
    The web service (apache) is calling the file as the user that owns that file (also the cpanel user) and since that user has read permission, then its going to be browseable. You should probably move any files that are not publically accessible outside the public_html folder in general.
    0
  • GOT
    Also for that matter you could use .htaccess to deny all visitors to that directory, or you directory security in cPanel to create a login when trying to browse that folder.
    0
  • cPRex Jurassic Moderator
    Great answers, @GOT
    0
  • mpmaya
    Thank you for your reply, the weird thing is in the server I had before the permissions used to work to deny access to some files, I will do it with .htaccess Thanks again for your help
    0
  • sparek-3
    Sounds like the server you are on now is using mod_ruid2, which I'm not sure how common it is used (I don't use it). With mod_ruid2 - everything in the VirtualHost is accessed by owner of that VirtualHost (defined in the VirtualHost configuration). So even images and text files are read by the Linux server user owned by that VirtualHost. Typically only PHP and CGI scripts are executed as the VirtualHost owner. Static content such as images, text files, HTML documents are accessed by the user running the web server. In this scenario, setting permissions of an image to 0600 and owned by your Linux user would not have significant privileges for the web server user (the user nobody on cPanel servers) to read the file.
    0

Please sign in to leave a comment.