Webmastersite.net

CHMOD what?

Comments on CHMOD what?

Daniel
Member

Usergroup: Member
Joined: Jul 08, 2009

Total Topics: 17
Total Comments: 31
Daniel
Posted May 21, 2010 - 11:13 AM:

After some Arabic hacker group was so nice to enter my page with some propaganda -

I've got the following questions:

Which directories do I have to chmod to which number?
Which files do I have to chmod to which number?

Thanks for the help...
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted May 21, 2010 - 4:59 PM:

CHMODs won't protect you in any useful way. In order to run a script of any complexity, the script needs to be able to write files. Limiting which directories it can write files to does nothing but delay the hacker by a couple seconds until they figure out where they can write to (or rather, their automated script figures it out). Once they have the ability to run code on your server, you've lost. At best, CHMODs could limit them to forms of hacking that are much harder for you to notice -- which is actually a bad thing, it's much better that they hijack your front page instead of serving illegal material, stealing pagerank, sniffing passwords and the like for months.

Ideally, you should be running with suPHP. With suPHP, directories can be 755 and files 644 without any issues.

Without suPHP, my current recommendation is to just bulk-chmod everything to 777. It's more practical than taking a piecemeal approach that doesn't actually protect you and leads to more upgrade problems which will endanger you if they discourage upgrading.

Make sure the source of this hacking has been identified and patched so it doesn't happen again.
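
A check for the 755/644 layout mentioned above for suPHP hosts, as an added example that is not part of the thread or of the script under discussion: it lists world-writable entries and anything else that deviates from 755 directories and 644 files. The function name `audit_webroot` and the finding labels are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit a web root against the
# "directories 755, files 644" layout. Names and labels are hypothetical.
#
# Usage: audit_webroot /path/to/webroot
# Prints one finding per line as "<LABEL> <path>".
# Returns 0 if the tree is clean, 1 if there are findings, 2 on bad input.
audit_webroot() {
    root=$1
    if [ ! -d "$root" ]; then
        echo "audit_webroot: not a directory: $root" >&2
        return 2
    fi

    findings=$(
        # World-writable entries (the "other" write bit, as in 777 or 666).
        find "$root" \( -type d -o -type f \) -perm -0002 \
            -exec printf 'WORLD-WRITABLE %s\n' {} \;
        # Directories that are not exactly 755 and were not reported above.
        find "$root" -type d ! -perm 755 ! -perm -0002 \
            -exec printf 'DIR-NOT-755 %s\n' {} \;
        # Regular files that are not exactly 644 and were not reported above.
        find "$root" -type f ! -perm 644 ! -perm -0002 \
            -exec printf 'FILE-NOT-644 %s\n' {} \;
    )

    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Directories the application legitimately writes to under a non-suPHP setup will show up as findings; the output is a list to review, not a list to fix blindly.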
Daniel
Posted May 24, 2010 - 1:04 PM:

I suggest that everybody who wants a listing on the following page chmod everything to 777:
http://www.zone-h.org/archive/notifier=hkrkoz_alkuwait


(just like myself with the listings:
www.physics-directory.com + www.physics-directory.de + www.tardyon.de )

Paul
Posted May 24, 2010 - 3:54 PM:

It's much better to be on that list -- having been defaced -- than to be hacked without the defacement, which is what you're proposing as the alternative.

For the script to do anything, various directories have to be writeable to it. A hacker who has the ability to run code on your site can therefore write to those directories.

777 permissions cannot increase the risk of being hacked whatsoever (unless you're on a shared host run by a complete moron who doesn't use openbasedir redirects), they only affect which directories you'll see obvious effects in.

Of course, 777 permissions are conceptually wrong and an ugly kludge. That's why suPHP should be used. With suPHP, scripts can write to their own directories -- so yes, you can be defaced when you're hacked, but that's how things are supposed to be and sure beats not knowing that somebody else is controlling parts of your site.