Prel Posted January 20, 2005 Posted January 20, 2005 Hello, (ops.. Excuse my Error -> Secutiry = Security ) I need to change the permission of mine c:\www\.htaccess for 777 Some problem of security in this exists ? It is because necessary mine phpnuke of this. Thank´s Quote
TCH-Bruce Posted January 20, 2005 Posted January 20, 2005 Paulo, the path you are giving is in the form of a Windows machine. Is this on a PC? Or are you referring to your .htaccess file here on the TCH servers? Quote
Prel Posted January 20, 2005 Author Posted January 20, 2005 Ohh Excuse Bruce...I forgot this information In the TCH Server. Thank´s Quote
TCH-Bruce Posted January 20, 2005 Posted January 20, 2005 Anytime you make a files permissions to allow all access to it is a security risk. But there are things that sometimes require it. I am going to move this to the security forum and maybe someone can give better answers. Quote
ztrauq Posted January 21, 2005 Posted January 21, 2005 Allowing an .htaccess file to have 777 permissions would allow anyone to edit it - meaning that they could circumvent the security it provides by editing the file to provide their own username/password combo. It may be that the program is writing to the .htaccess file and requires that access, though... there are some various workarounds with shell access, but otherwise, I'm not sure what to tell you. Personally, I'd be wary of a program using this kind of security as its only layer - if PHPNuke also has another layer of passwords to allow access to it, such as an SQL-based password list, you might still be okay. If you can, I'd try experimenting with some slightly lesser permissions (755? 775?) and see whether it complains, and only set it to 777 as a last resort. Quote
daregal13 Posted February 7, 2005 Posted February 7, 2005 My question is in relation to .htaccess. I accindetally deleted an .htaccess file from the public_html. I already contacted support on this one and I noticed .htacces is again in placed. Now the question, with TCH, do you automatically add an .htaccess file and what happen if no .htaccess file in a directory with password protected files, or is it possible?? Quote
Siberian H.E.A.T. Posted February 8, 2005 Posted February 8, 2005 You can "create" your own .htaccess file either using a text editor (it is just a simple little text file) or by using your Cpanel to password protect that directory. You can also have cpanel make you a .htaccess file by going into cpanel and clicking on the index manager and selecting that particular folder and changing the index behaviour. You will then notice a .htaccess file in that folder, with the correct syntax in it. These are the easiest ways to make the file if you are unsure about it (at least in my experience). Just make sure you do some research into the various options of .htacess (commonly explained using google search and probably listed as a help file on TCH). Anyway, this might save you a trip to the help desk the next time you delete that file. Quote
daregal13 Posted February 9, 2005 Posted February 9, 2005 Thanks so much, I guess I did it the hard way but a learning hard way. Actually, I read some toturials on how to create an .htaccess files and the use of some of the common syntax. But I wasn't sure if I should try it or not. I guess I didn't trust what I read. . I didn't know though that .htaccess can be created through cpanel. Thanks for the info. I need to read the cpanel manual. Quote
TCH-Don Posted February 9, 2005 Posted February 9, 2005 There are many shortcuts in cpanel that edit your .htaccess file or create it does not exist. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.