Permissions on www and public html folders?

[Automile]

For best security, what should the permissions for these two folders be?

I've been reading a lot about hacked sites lately, and decided it's time to take a closer look at my settings.

Thanks,
Andy

Edit to add: I don't have anyone uploading anything to the site, just the normal page updates which I do with my html editor.

[JPC-Jawad]

Do you have a cPanel account. The default permissions of public_html folder in cPanel setup is 750 which is recommended. All folders inside public_html should have permission set as 755, with regular files having 644. www is a symbolic link so you should not be worried about that. Please open a support ticket so that we can set the correct permissions for your entire account.

[Automile]

Thanks Jawad. Yes, I have a CPanel account, and the public_html folder is set for 750. The access-logs and www folders are 777, which concerned me and prompted my question.

Other than those two, everything else is OK.

Would it hurt anything to set www to 750 as well? How about the access-logs?

Andy

[JPC-Jawad]

Thanks Jawad. Yes, I have a CPanel account, and the public_html folder is set for 750. The access-logs and www folders are 777, which concerned me and prompted my question.

Other than those two, everything else is OK.

Would it hurt anything to set www to 750 as well? How about the access-logs?

Andy

Both access-logs and www are symbolic links and not actual folders, similar to a shortcut in Windows. You do not need to change their permissions.

[jason]

To add to this, cPanel accounts run in a chrooted environment (cP uses the term "JailShell"). This means that users can only see what the admins want them to see which, in this case, excludes other accounts on the server. Since all scripts in users' accounts run under the user id of the account owner and since that user can't see other accounts, JPC's setup makes it extremely difficult for a site to be compromised as the result of another account on the server being exploited.

Its never a bad thing to be dilligent--even paranoid, perhaps--about server security, but you can also rest assured that JPC's setup is about as well protected as you can get on a shared server.

--Jason

[dineshkumar]

How it may possible to hacked a secure linux hosting network

[Gwaihir]

What makes you assume each account is secure?

There are no doubt people who run software in their account that is not secure. In particular people who install something and then never update it for years, even though security flaws have been discovered and updates with fixes were made available. If you use a popular bulletin board, photo gallery, etc, etc, in your account, you must update it from time to time, as known holes will sooner or later be exploited.