Jump to content
sluggo

required file and directory permissions

Recommended Posts

Hello all,

 

I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message:

Directory /site/assets/ must be writable. Please adjust the server permissions before continuing.

I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775).

% ls -l
total 8
drwxrwxr-x@  3 jtm6  staff    96 Mar 16 10:44 assets

So how do I proceed?

In addition, I am not even sure that I need ProcessWire. I am just trying to get a dev website open and the index.php file errors out. However, the top of this file has this comment:

 * ProcessWire Bootstrap

I am attaching the index.php file.


Anyway, thanks for your time

downloaded-index.php

Share this post


Link to post
Share on other sites

Hello and welcome to the forums! I personally get by using 755 on my local dev environments as well live installs. If you have not looked at it already, I would take a look at the following concerning permissions:

http://processwire.com/docs/security/file-permissions/

As for the comment "* ProcessWire Bootstrap", this enables ProcessWire's API to be used in other php scripts not already stored inside of ProcessWire's file structure. A good read can be found here:

https://processwire.com/api/include/

 

Share this post


Link to post
Share on other sites
2 hours ago, sluggo said:

I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message:

Directory /site/assets/ must be writable. Please adjust the server permissions before continuing.

I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775).

ProcessWire shouldn't need 777 at all. You just need to make sure that the web server can write in site/assets, since this is where all dynamically changing data (caches, files, logs) is stored. You probably just need to give ownership to www-data (or whatever the webserver runs as) and can switch to 0750. If you're worried about security: the .htaccess file is quit strict in limiting access there.

 

  • Like 2

Share this post


Link to post
Share on other sites
1 hour ago, BitPoet said:

ProcessWire shouldn't need 777 at all. You just need to make sure that the web server can write in site/assets, since this is where all dynamically changing data (caches, files, logs) is stored. You probably just need to give ownership to www-data (or whatever the webserver runs as) and can switch to 0750. If you're worried about security: the .htaccess file is quit strict in limiting access there.

 

Thank you. I guess the solution was obvious:

sudo chown www assets

actually I used

sudo chown -R www site

Share this post


Link to post
Share on other sites

Is there an overview/cheatsheet anywhere with recommended permissions for each folder and file?

I know permissions are set at installation, but I probably messed things up a bit in a server upgrade or PHP 7.3 has different requirements. I now keep running into permission issues.

Share this post


Link to post
Share on other sites

Thanks wbmnfktr, I had seen that one. That page gives a lot of general, very useful background info on the how and why of permissions, but I was looking for a quick overview/cheatsheet with recommended settings for each processwire directory/file.

Share this post


Link to post
Share on other sites

I looked up what is set here...

folders: 755
files: 644 (config.php 400)

Maybe that's too general as well but it seems as those are the only settings - at least I can't find only those permissions here. It matches the details written here: https://processwire.com/docs/security/file-permissions/#permission-755-for-directories-and-644-for-files - so I'm fine with that for now.

Whenever I have the feeling I messed to much with those permissions I create a site profile, install it totally fresh and start from there. Doesn't happen that often but it happened.

 

What problems are you facing right now and what errors/warnings show up? Maybe it's something totally different.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By pwFoo
      Hi,
      I try to add page-edit-own and page-delete-own permissions, but it's strange...
      If a add the custom permissions it looks like both are children of page-edit respectively page-delete. I played with added / revoked permissions, but I can't get it work, that a user of a role just can delete own content.
      First the user can't delete any content and now the user can delete own and foreign pages 🤪
      Is there a tutorial to learn more about the PW permissions?
      Or do I have to rename the permissions to page-own-edit and page-own-delete to be independent from page-edit and page-delete?
    • By benbyf
      not sure why but PW adds any uploads as permissions 600 (e.g. images wont load after upload unless i go in with the same server user and change permissions to 755 or similar). This ever happened to any one else?
    • By Guy Incognito
      Hi all. We've created a private log-in area for a client on their site that is restricted on a roles basis. Is there a simple solution available to let them upload files to a file field and then choose individual users that can access individual files?
      Does that make sense?!... it's hard to search for answers to this as all results pertain to server file permissions.
       
    • By ridgedale
      Reference: PW 3.0.111 and uikit3 based site using the Regular-Master profile.
      I wonder if anyone might be able to point me in the right direction. I need to restrict the superuser role to overall administrators of a group of sites, but provide role and permission administration for the administrators of the individual sites. My searches unearthed the following thread:
      However, after having already created the sitemanager role and given site administrators the user-admin permission and having then created the role-admin permission and assigned that to the sitemanager role, the users with sitemanager permissions are able to see the Roles item under the Access menu of the backend but no submenu is displayed showing the Add Role option or any of the roles that the administrator should have access to. My intention is that the individual site adminstrators should have access to assign the guest and sitemanager roles (but not edit them) and be able to create roles with privileges beneath that of sitemanager.
      Any advice would be greatly appreciated.
       
    • By dimitrios
      Hello,
      I have created a field of type Page Reference and input field type Page Auto Complete, so that users of role 'writer' can add new tags to their articles. However, only a superuser can add new tags through the field, even though 'writer' roles have the permission to create  pages of template 'tag', and the permission to add children in the parent template. New tags in the Page Tree can be added normally. Is there something I am missing?

×
×
  • Create New...