-
- 75 Posts
So I've just downloaded v1.0.6 (after having 1.0.4 hacked recently), and intend to update about 40 websites to this version. However, when I unzip the download I notice the file permissions seem odd. For example the manager/includes folder has permissions ranging from 644 to 755. So my question is, what are the correct permissions; I pressume:
- 644 for anything in public_html like .htaccess, index.php etc
- 644 for all /manager files
- 755 for all /assets files
- 644 for /assets/templates (I'm presuming user will not be altering these - had /assets/templates/manager/login.html hacked so seems right not to have a 755 here
Are these correct?
Depending on your server configuration, 644 for all files and 755 for all folders may be correct.
Some servers will require assets/cache, assets/images/, and any other folders that MODx itself will want to write to to have 777. The cache files themselves may need 666, and in the beginning the manager/includes/config.inc.php file may also need 666 but should be re-set to 644 as soon as the upgrade is finished.
Folders need to be executable in order to be opened, but there are no files in MODx that need to be executable.