We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 29796
    • 91 Posts
    In our company we decided to use MODX as primary CMS. Last days we had several hacks on various websites which are using other CMS systems. Because I suggested to switch to MODX, I need to make sure that none of future sites will be hacked. Regarding this I have few questions about it.

    For the first MODX site I used advanced install, moved the core outside webroot, renamed "manager" and "connectors" folder.

    [Question 1]
    First question is regarding file permissions. I know that this depends on server configuration. We use classic php7/apache on freeBSD OS. In public_html folder only "assets" and media source folders needs to be "open" (775 I think?), root and all the rest can be more protected (644 ?).

    What about CORE ? From what I know only the "cache" and "components" folder should have write rights? All the rest could be read only or I'm mistaken? Does core need any special permissions if it's outside webroot ?

    [Question 2]
    Modx upgrades. I'm trying to figure out what I need to backup in case of bad upgrade, so I can roll back. IMO only the database? From what I know, modx upgrades affects only core files, manager and connectors folder and I can assume that core/components and assets folder are untouched, so I don't need to backup them? Or I'm wrong?

    [Question 3]
    If something goes wrong on upgrade and site is down. Are following steps enough?
    1. clear cache
    2. upload database backup
    3. copy core, manager and connector folder from previous (working) modx version except config files.

    [Question 4]
    Any other tips how to protect modx installation or how create backup and restore website as fast as possible? Using GIT perhaps ?

    Thanx for all the answers

    This question has been answered by BobRay. See the first response.

    • discuss.answer
      • 3749
      • 24,544 Posts
      1. The most common combination is 755 and 644. I would leave the core permissions alone. Some extras may write log or other files in core/components and you'll need write permission when you upgrade MODX.

      2. I generally back up all files by creating an archive containing everything in the MODX root (except the three config.core.php - four if you still have the setup directory) and another one for the core (except the config directory). That way you don't have to worry about whether you've got everything. When you export the DB, select the DROP TABLE IF EXISTS option.

      3. That looks right to me.

      4. The (not free) SiteCheck extra will do a very fast dump of the database using the MySqlDump utility, though you may need to set the path to it if the default setting doesn't work. You can backup the files using Git with Gitify, but I've never used it.

      One thing you definitely *don't* want to do, ever, is transfer the files individually with FTP. That often results in missing or corrupted files.
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 29796
        • 91 Posts
        Thank you

        1. I know that some extras use core/components and I thing that is only folder beside "cache" inside core that needs more permissions than the rest. I'd like to lock it down as much as possible, especially folders in public html folder.

        2. smiley yea packing all is the best way. I just want to understand what happens on upgrades and what folders are affected.

        3. cool

        4. I'll try GIT, because is simple and can detect and roll back changes easily.

          • 3749
          • 24,544 Posts
          Just be careful using Git because it doesn't update the DB, which contains almost all of your content, unless you also export the DB to a .SQL file, add that file to Git, and remember to import it whenever you checkout an older commit.

          Otherwise, if you roll back the files with Git without also rolling back the DB, it's possible to end up with a mismatch between the two that would cause trouble, though it wouldn't be very common.
            Did I help you? Buy me a beer
            Get my Book: MODX:The Official Guide
            MODX info for everyone: http://bobsguides.com/modx.html
            My MODX Extras
            Bob's Guides is now hosted at A2 MODX Hosting