rights

A place for security related announcements and discussions - please check this forum frequently!
Post Reply
dsa
Posts: 24
Joined: Sun Dec 11, 2016 12:09 am

rights

Post by dsa » Fri Dec 16, 2016 1:18 am

I have everything ok in sysinfo

but not:
Advertencia'./cmsimple/config.php' acceso protegido
Advertencia'./content/content.htm' acceso protegido
Advertencia'./templates/n6200tbisGPL3/template.htm' acceso protegido

I tried a lot of combinations of rights to change that but I cant

all files are "www-data:www-data" owned

How might set up rights in that files?

now are:
-rw------- 1 www-data www-data 1929 Dec 11 21:57 config.php

thanks!

Tata
Posts: 2668
Joined: Tue May 20, 2008 5:34 am
Location: Slovakia
Contact:

Re: rights

Post by Tata » Fri Dec 16, 2016 7:35 am

My server sets the rights are aet automatically. Some years before they were set so, that I needed to set them after our manuals manually. But since then they are set generraly both (700, drwx------) for folders and (-rw-------) for files.
CMSimple.sk
It's no shame to ask for an answer if all efforts failed.
But it's awful to ask without any effort to find the answer yourself.

cmb
Posts: 12531
Joined: Tue Jun 21, 2011 11:04 am
Location: Mü-Sa, RLP, DE
Contact:

Re: rights

Post by cmb » Fri Dec 16, 2016 10:33 am

dsa wrote:Advertencia'./cmsimple/config.php' acceso protegido
Advertencia'./content/content.htm' acceso protegido
Advertencia'./templates/n6200tbisGPL3/template.htm' acceso protegido

I tried a lot of combinations of rights to change that but I cant
This is not about filesystem permissions, but rather whether these files can be accessed via HTTP (e.g. by entering their URL in the browser). See the installation instructions for some details:
Directly accessing files in some folders should be denied. This is already done by the shipped .htaccess files for Apache web servers. For other servers you have to do this by any means the web server or hoster provides.
So check that the .htaccess files have been uploaded to the server, and that Apache is configured to process these .htaccess files.
Christoph M. Becker –Plugins for CMSimple_XH, but not for CMSimple 4+

dsa
Posts: 24
Joined: Sun Dec 11, 2016 12:09 am

Re: rights

Post by dsa » Fri Dec 16, 2016 11:20 am

Ok I put this in my domain configuration in apache and now I dont have that warning

<Directory "/********">
AllowOverride All
</Directory>

Thank you very much

Post Reply