chmod and chgrp on user  linux account

Posted on 2014-08-29
Last Modified: 2014-08-30
Dear Experts,

Now I would like to open my VPS site to visitor. Before doing that, I need to
set all my directories and files to be read only (including download file from visitors).
And I know if don't put any index.html or inde.php at the directories, it will
show  the directories content such as file tress on browser. How to not to read the file trees by visitor.

Is there any existing linux script doing for ALL  change the read mode with my user group for all
file and directories  and its sub-directoried
under my VPS user account directory when visitors visit my site and the script  meets the requirement mentioned above ?  SO I need to take use
chgrp besides chmod command in the script.

For uploading file from visitors, do I need to set write and read for the uploading directory
in my server, how  ?

Please advise

Question by:rwniceing
    LVL 8

    Accepted Solution

    the easiest way when you do not have a security concept is to login by ftp on your server to set the permissions and to test. you can use for example.

    The security concept is user group anyone means the first number is the permission for users the second for the group and the last for every one normally you should set 750. So you can still have full access the group normally the apache group has only read execute and anonymous 0

    You can read how to do:
    LVL 27

    Assisted Solution

    If I'm reading correctly, I believe you just need to use the -R option to chgrp and chmod to change it for all subdirectories.

    Change the group to your home folder and everything under.
    chgrp -R My_Group ~

    Remove write permissions from the group and other in your home folder and everything under
    chmod -R g-w,o-w ~
    LVL 1

    Author Comment

    g-w  and o-w is equal to 744 or something else ?

    how to not to show file directories tree on browser  if the index.php or inde.html is not existing on
    those directories ? For example, when you type http://, , it will show the
    directory  or file tress on browser since there is no any index file.
    LVL 27

    Assisted Solution

    It's subtracting the w or write from group and other without changing the other permission bits.

    It could be 755 or 744 or 711 or 700, depending on what you had before.

    What do you mean exactly?  Do you want to disable directory listing?  Then you remove the read bit but leave the execute bit for the directory.  The files should still have the read bit.  Set the directory to 711 but leave the files with 744.  If you have scripts, you may need to set those files to 755.  That's why you use the g-w, o-w options to only remove the write bit.
    LVL 61

    Assisted Solution

    You can chroot their sftp account. Or FTP account... as you prefer. No need to change permissions.
    LVL 1

    Author Closing Comment

    Thanks for your reply

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
    Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now