Directory Indexing And Safe Chmod Settings

[llama_thumper]

i'm using squirrelmail as my mail programme, and i wanted to know whether turning the indexing off for sensitive directories (data, attachment), is going to improve my security - i think yes, or? somebody would actually have to know the whole pathname in order to get to a file, correct?

 

secondly, would this change the operation of any programme? ie squirrelmail? (eg if i turn off the indexing for its root)

 

thirdly, what are the appropriate CHMOD settings for sensitive directories - such that i am able to have access but no one else? obviously 777 is not the right one...

 

anybody?

thanks!

[thewordlist]

Hello there. I cannot answer anything about squirrelmail or indexing, however, I have some information about permissions. The Pen Name ~ The Portland Communications Encyclopaedia is a good place to start. It makes it pretty clear how to set permissions. I hope it helps!

[TCH-JimE]

Hi,

 

To clear up any confusion:

 

If you don't want people to browse your files unless there is an index page present then:

 

Select the name of the folder in file manager and select "No Indexes" This will turn off indexing.

 

If you want people to see everything then instead select one of the other indexs option.

 

No, it should not effect squirral

 

755 is proberley the best universal one.

 

Jim

Edited June 11, 2003 by Jimuni

[llama_thumper]

stupid question jim, but about the indexing... are you absolutely sure?

cpanel says:

"If indexes are off, people will not be able to see what files are in a directory that lacks an index file. "

im confused...

[TCH-JimE]

Hi,

 

Right I have modified my own post above to make it clearer. We where both getting at the same thing, but I should have used the CPANEL wording!

 

Hope its now understandable!

 

Jim

[llama_thumper]

ahhhhhh now you got me really confused! sorry must be one of those days.

lets put it this way:

 

1. i create a new directory , say http://redo.net/llama'>http://redo.net/llama'>http://redo.net/llamawith no index.htm page, but with only one other page, say test.htm

 

thus:

with indexing off, if i access just http://redo.net/llama, i will not be able to see anything

with indexing on, if i access just http://redo.net/llama,i will be able to see the test.htm file.

 

correct?

 

2. whether indexing is on or off, if someone tries to access a non-existant file, he will always get a 404 error

 

correct?

[natimage]

OK...Jim knows a LOT more than I do, but I'm going to take a poke at answering your question. That way when they tell me I'm wrong...I will learn!!

 

With indexing on or off, you can access any of your files if you type in the exact url. Thus, with indexing on or off, if you type in http://redo.net/test.htm'>http://redo.net/test.htm , you should be able to view your page.

 

With "no indexing" off, if you type in http://redo.net, since there is no index.htm file in the directory, a page will open that will list all the files in the directory.

 

With "no indexing" on, you will get a page cannot be found error.

 

2. whether indexing is on or off, if someone tries to access a non-existant file, he will always get a 404 error

I would say yes, this is correct.

 

Now...I hope I didn't confuse the issue more...and I hope I'm not way off base!!

[SEO]

From the help site:

 

Hiding a directory

 

Often we are asked "how can I hide the list list of files in a directory from people who try to access that directory?

 

 

Steps to protect a directory

 

1. Start up cPanel, go to the Access Menu, and click on Download/Upload Backup File

2. Click on 'Index Manager' option

3. Select which directory you wish to protect

4. Select 'No Indexes' from the list

 

Hiding the directory is not the same as hiding a file (i.e. the correct file will load when requested).

 

Tracy gets an A!

[natimage]

Thank you Scott...it's been a long time since I've gotten an A!! woooot

[TCH-JimE]

Hi,

 

Tracey does indeed get an A!

 

Jim

[llama_thumper]

alright that quote made it clear to me!

thanks!