WordPress.org

Ready to get started?Download WordPress

Forums

Changed the CHMOD to 777 now can't view the site (9 posts)

  1. bitterendings
    Member
    Posted 8 years ago #

    Ok so I was playing around with the CHMOD values of my themes folder. I changed them to 777 from I don't know what. I've searched on google, the topics here, and the documentation folders. They all say to set the CHMOD on 666 (correct me please if I am wrong).

    So I've changed it like a billion times. Every time after I change it to 666 and I refresh my site, nothing. I get a blank white screen. When I look at the page source there is no code.

    Can you please tell me how to get the site back? I would greatly appereciate all help. Thanks.

    Link to the site: http://snitchdesigns.com/jasmine

  2. spencerp
    Member
    Posted 8 years ago #

    If I remember right, I believe the folders are supposed to be CHMOD 755 and if you want to edit your theme files in the admin control panel, you'd CHMOD them 666, otherwise, they'd be the CHMOD 644 *I think*..

    spencerp

    You might have CHMODDED the folders 666 to or something, that might be the reason why nothing is showing up...I'm not sure though..I haven't been drinking beer..so my brain isn't functioning properly.. LoL!!

  3. moshu
    Member
    Posted 8 years ago #

    The other way around:
    666 = writable, meaning you can edit
    644 = safe, the hackers cannot edit.
    (the folder 755)

  4. spencerp
    Member
    Posted 8 years ago #

    The other way around:
    666 = writable, meaning you can edit
    644 = safe, the hackers cannot edit.
    (the folder 755)

    Thank you moshu.. =) Dang lack of beer....lmaO!! I'll adjust the reply above quick.. ;)

    spencerp

  5. pizdin_dim
    Member
    Posted 8 years ago #

    Like moshu said, it's always a good idea to secure your directories and files so that only you can write to them. On a shared server (which most people run WP on), I always go for the maximum security by totally disabling access to the "others" group as well, by:

    chmod 750 for all directories.
    chmod 640 for all files.

    This assumes your directories and files are owned by you and are in the webserver group (usually httpd in a Linux/Apache environemnt).

    The exception to this rule is wp-content, which needs to be chmod 770, so you can upload your files into it via the WP admin interface.

  6. lhk
    Member
    Posted 8 years ago #

    Hi,

    if your host has suexec and a couple of other niceties enabled (which actually is good), then the only settings working will be 755 for folders and 644 for files.

  7. pizdin_dim
    Member
    Posted 8 years ago #

    Lhk,

    That's absolutely true but from my experience hardly any web hosts offer suexec due to the obvious security holes associated with "misconfiguring it" in a shared environment.

  8. lhk
    Member
    Posted 8 years ago #

    Hi pizdin_dim,

    I'm webmaster of several hundreds of sites, on just about as many hosts.

    My experience - lately (meaning after the PHPBB disaster) - is that the number of hosts using suexec in a perfect and tight configuration is sharply rising. The majority of the sites I deal with are on such hosts.

    Very practical experiences with hacking attempts of various scripts have proven the worthiness of these settings, though I admit it may be a wise idea of checking up with the host on just how their servers are configured. E.g. I had recently a client's Nucleus installation hacked who had failed to upgrade in time.

    The very competent host then amiably restored a prior non-hacked version of that website, pointed out what file had been the entry point (plugged by the upgrade I immediately did) and very nicely refused our combined thanks and beg pardon on my client's oversight. As the whole system is an extremely tight ship only that script and site were touched, without any disruption of the server hosting it.

    Conceded, this is no cheapo host, price for a relatively small hosting plan with them is already 15 bucks per month, but when I compare this to the trouble other sites on cheaper hosts have... Even the email spam is close to nil on these accounts due very good preventive measures and they notice if one of their clients has a wormy computer and is consequently spamming himself and notify him of undue usage of the mailservers.

    I always try to steer my clients to such types of hosts. And their numbers are fortunately rising.

    Thus, if a site draws blank or "forbidden/404" with a 777 setting of folders, my first thought goes towards suexec nowadays.

  9. pizdin_dim
    Member
    Posted 8 years ago #

    You raise some very good points, lhk. Thanks for sharing your experience!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags