Files & Folders Permissions

[shyuanshyuan]

Hi, I owned a few VPSs come along with WHM/cPanel all from different hosting providers. One since last year, one since 2 months ago, another two since last 1 or 2 weeks.

With the older VPSs (1st and 2nd), I have no files & folders permissions issue. The issue (3rd and 4th VPS) I am saying is actually like this:

Files that I uploaded via Filezilla to the server, have folder permissions of 0775 and files permissions of 0664 (I am not too sure if the files are uploaded via cPanel's FileManager will have such issue). With these permissions, I got 500 Internal Server Error and thus I could not do my things. As what I know, I need to have files 0644 and folders 0755.

3rd VPS provider told me something about suPHP but never attempted to help me fix it.

4th VPS provider told me "Those where simply the default cPanel server file permissions for non root accounts. By default they are set to 644 and 755 for root account and 664 and 775 for non privileged accounts. What I have done was simply altered the default configuration to carry out the 644 and 755 permissions onto all accounts on the server by adjusting umask value.".

Why do the 1st and 2nd VPSs I got don't have such issue? But why only the recently bought VPSs (3rd and 4th both different providers) have such issue? Is this a new default settings in latest cPanel release?

Or like the support guy (4th VPS) said, my account is a non root account? And what does that means?

Your inputs will be very much appreciated! Thank you.

 

[MattAtNatwell]

You might be able to set file permissions via FileZilla its self.

 

[shyuanshyuan]

Hi MattAtNatwell,

In fact Filezilla allows permissions settings, but I would prefer answers made according to my questions above But I appreciate your inputs. Thanks.

You might be able to set file permissions via FileZilla its self.

 

[cPanelTristan]

I have no idea what is meant either by the provider. Which file did they modify? umask values do impact file and folder permissions, but knowing which file was changed would help a lot to know what was wrong.

Also, FTP file uploads are typically done by the account level user, so I'm uncertain how it would have to do with root versus non-root user.

 

[NetMantis]

Files that I uploaded via Filezilla to the server, have folder permissions of 0775 and files permissions of 0664 (I am not too sure if the files are uploaded via cPanel's FileManager will have such issue). With these permissions, I got 500 Internal Server Error and thus I could not do my things. As what I know, I need to have files 0644 and folders 0755.

Your main problem where you discuss seeing the "Internal Server Error" on your web site comes from that group level "7" permission that you mentioned above.

On most modern current servers (SuPHP or FCGI), you would actually need those folders permissions to be setup as 0755.

Setting 0775 on these systems would actually make the folder non-accessible in the default installation configuration (and thus the reason for the 500 error that you are seeing).

The following is the general correct permissions for SuPHP based servers:

600    PHP Scripts (including those that say they want to be 777)
400    Rare case where PHP scripts don't want to be writable 
755    CGI Scripts (*.pl, and *.cgi)
644    Non-Script Files (*.html, *.css, *.jpg, *.gif, etc ...)

755    [b]ALL[/b] folders beneath public_html
750    public_html folder itself ([i]owner[/i]:nobody)

Under NO circumstances set any file or folder to 777, 775, or 666 as this will actually break your scripts!

777 under SuPHP is a special case which is roughly equivalent functionally to 000 (IE: no access)

Because SuPHP (and also FCGI) use owner based permissions, 755 for folders and 600 for scripts is actually functionally identical to 777 and 666 respectively for regular DSO (mod_php) based servers!

In the world of the old DSO (mod_php / Apache module) based servers, permissions are quite different:

644  for PHP Scripts   (if the group is 'nobody', can use 640)
755  for CGI Scripts (*.pl, *.cgi)
644  for Non-Script Files  (*.html, *.css, *.jpg, etc ...)
666 for Files needing to be writable (660 if the group is 'nobody')
777 for Folders needing to be writable (775 if the group is 'nobody')
755 for Folders in General under 'public_html'

You need to use the correct permissions needed for your type of hosting server!

If you are uncertain what type of PHP configuration your hosting provider uses, you can setup a PHP script file calling the phpinfo() function and look for the line towards the top of the phpinfo output screen that tells you what type of PHP installation that you have which will usually say "Apache Module", "cgi", or "cgi/fastcgi".

If it says anything related to CGI then you would use the first set of permissions that I provided to you above. If your PHP installation says "Apache Module" however, you would use the second set of permissions I provided above.

If it does say "Apache Module" and you were a shared account, I would strong consider getting a new host as DSO based PHP (mod_php) has very serious security flaws and is extremely dangerous to be using particularly with regard to use in shared hosting servers. For a VPS or Dedicated server, you would best be advised to change the server's configuration over to either SuPHP or to FCGI (dedicated, don't use on VPS).

To answer your question about "non-root" account, it sort of sounds to me that your hosting provider set you up as a shared reseller instead of an actual VPS server where you would normally have full root access in the virtual environment.