File/folder Permissions, Migrating From Suphp

[SteveW]

I'm migrating a site from another host to TCH. The differences:

 

From suPHP to non-suPHP

From PHP 4.4.6 to 5.2.4

 

Am currently working on my TCH site using the temporary URL hxxp://xxx.xxx.xxx.xxx/~userID/

 

From the post at http://www.totalchoicehosting.com/forums/i...?showtopic=2056, I gather that the reason PHP $_SERVER['DOCUMENT_ROOT'] is currently not working properly is because I'm using the temporary URL, and it should start working after DNS propagation has occurred on the domain name.

 

Some questions:

 

1) The site transfer to TCH preserved the previous file and folder permissions. As far as I can tell, the rules for file and folder permissions at TCH are the same as at my previous host. Are these correct?

 

Normal file, web page (.htm), or executable PHP script (.php) = 644

 

Normal web accessible folder = 755

 

2) All my experience with PHP is with suPHP, and I'm discovering there are differences when not using it. Based on testing, it appears that a file that PHP will write to must have its own permissions set to 0666 and be in a folder that has 0777 permissions.

 

To offset the dangers of those permissions levels, I can do the following:

 

--Store those files in a folder outside public_html

 

or

 

--Put the folder inside public_html, but protect it with an .htaccess file containing the lines:

 

order allow,deny

deny from all

 

It seems like that should compensate for the 666/777 permissions. I came up with some other methods (password protect the folder, and also use <Files></Files> directives in .htaccsss), but decided they'd be redundant.

 

Is anything above incorrect?