I can't answer all your questions, but I can answer a little. Ideally your should have everything from the html dir on down owned by root (or the account of whoever is going to be maintaining the html pages), but with a group of www. The permissions for everything should have the group and others lacking write permission to anything (even if you're using a db). There's no reason apache or anything else needs write permission to those directories unless you're planning to use webdav for publishing your pages. Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: "Rogelio Bastardo" <scubacuda@xxxxxxxxx> Date: Sun, 23 Sep 2007 10:13:46 To:"CentOS mailing list" <centos@xxxxxxxxxx> Subject: [CentOS] chmod / chown settings on /var/www/html I'm setting up a new CentOS 4.4 server to work with Fruity (a frontend program that operates Nagios). For security purposes, what chmod and chown settings do you put on the /var/www/html folders? Also, can anyone recommend any good LAMP hardening guides? While I'm not planning on putting this into production, I'd like to cover all my bases before that's an issue. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
