Joomla File Permissions Question

Hello Experts,

I have been told that make the Directory Permissions in Joomla writable (see attachment) I have to get in touch with the ISP that is hosting my web site and request that they enable file permissions.

Is that correct?

Cheers

patte
hosting.PNG
cpatte7372Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Steve BinkCommented:
Even with shared hosting, you're probably able to modify the permissions in your directories, but it really depends on the host.  You can certainly contact your hosting provider for assistance with it, though.
0
Prasadh BaapaatWeb Designer & DeveloperCommented:
Hi Cpatte,
Here is a way how you you can DO IT ON YOUR OWN:

I assume that you must have received the CPanel Login from the hosting company.

Follow Steps given below to Change Directory Permissions:

1) login to  CPanel:
Login to CPanel
2) After you log in, Find the link "File Manager" in you Control panel and click it to open File Manager. (you will be prompted to choose which location you want to ope>> choose web root) Open File MangerChoose Web Root
3)after you file manager opens, you will see a list of directories (folders), RIGHT CLICK on any folder you want to change permissions and select option "Change Permissions" from drop-downRight click on directory you want to change permissions of.

4) A settings box will open. add 755 OR select option boxes as shown in image:
setting permissions to 755 will make you directory writable as required by Joomla.
chane change permissions to 755
5) you can follow above steps to change permissions for any directory you want.

have fun changing directory permissions :)
Prasadh
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Prasadh BaapaatWeb Designer & DeveloperCommented:
Update & Caution: this above method also work for changing permissions for individual files. but proceed with caution when changing permissions as it may threaten security of your website, so do it only when it is necessary and not at random.
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Steve BinkCommented:
DO NOT DO AS PRASADH BAAPAAT DIRECTED!!  

There is absolutely no need to set *ANY* files or directories to world executable, and doing so will open your web site to attack.  At *most*, you need to set write access for the user and group, and write access for the user is probably all that is actually needed.

Start with as few permissions as required.  If you find you need more, you can always come back and add them.
0
Prasadh BaapaatWeb Designer & DeveloperCommented:
@Steve Thanks for pointing out the security risk.

I did post the Caution note... but I did not elaborate it ... next time I will keep that in mind.

Most probably he must be getting the write permission error when he is trying to install some new extension.

he can change settings, install whatever and again change permissions to original... (I am not saying he do it... I am expressing my views here)

I posted the above detailed example only so that Cpatte understands that he CAN CHANGE IT ON HIS OWN... showing it does not mean I wish him to land in trouble.

as per my experience in Joomla sites, if you keep the site updated, dont install unknown or untested extensions... host your site on a good reputed host, there is no need to worry.

and that way nobody is safe :) even big sites employing a dozen security experts get hacked.

you cannot learn to swim unless you jump in the water is what I believe in.
0
Steve BinkCommented:
@Prasadh Baapaat: the focus of my warning was setting world writable or world executable on anything in the site's directory tree.  Besides that issue, your instructions (in the context of cPanel) are fine.  

And I certainly wasn't trying to imply you recommended a dangerous solution on purpose.  My warning was forceful because inexperienced admins will typically go for the "path of least resistance", not realizing the dangers lying in wait.

OP absolutely needs to adjust permissions on his site, and (assuming s/he has cPanel) your instructions will guide in that effort.  However, it is very likely that only user write permission is necessary, and anything over that just exposes more surface area.
0
Prasadh BaapaatWeb Designer & DeveloperCommented:
Agreed :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Joomla

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.