Am 02.12.2017 um 14:27 schrieb Nicolas Kovacs <info@xxxxxxxxxxxxx>:
>
> Le 02/12/2017 à 14:19, Leon Fauster a écrit :
>> I would build a rpm package of wordpress (everything can be defined
>> there like permissions etc)
>
> The initial question was: WHAT permissions?
The application design should have considered security best practices. I do not known WP but check their sites.
So, following the "need to write" requirement, its a good decision (yours) to allow only the minimum. "Normally"
such space should be outside of the "document root" of the hosting.
> and disabling the automatic update
>> function in wordpress. Build once it can be installed on all (two
>> dozen) webservers automagically (local yum repository) ... externe
>
> That would mean one package per Wordpress, since I don't have only one
> Wordpress installation per server. Not a solution.
All installations should have the same base (normally the latest WP release) - so,
to be clear one package for all. This has nothing to do with different content or
themes.
I other words, if security is your focus then the process is the target of your effort.
Its just my suggestion ...
--
LF
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
