: I would like to protect a public directory from public view. None of the files will ever be viewed online. With public directory I assume you mean a directory that you have made available
I would like to protect a public directory from public view. None of the files will ever be viewed online.
With public directory I assume you mean a directory that you have made available online via your HTTP server.
You can normally configure that within your HTTP server. You should deny access to it. Assuming you can trust your webserver, this should do the job.
Chmod'ding to 700 will allow access to the file owner. If the webserver is running under the file-owner (or a subprocess initialized by your webserver), file access would be allowed. This might be intended, e.g. your PHP script runs under that user and your PHP process should access the file.
So configure your webserver to deny access to that directory in question and you should be fine.
To improve the situation, you should move the whole directory out of the public webroot, e.g. to a private directory. That done, your webserver does not need to revert part of it's configuration for a specific directory. Private directories are normally already appropriately chmod'ed. This will give you a bit more control about the situation.
A cracker however will gain access to your system by exploiting your system via some of its components and the bugs in there, normally with the goal to obtain root privileges. That done, the attacker has access to everything regardless of your configuration. So what you suggest to do will not specifically protect your system from crackers but just be a conceptual correct configuration.
To protect against crackers you need a system-vendor and sysadmins that take care of your system, e.g. by hardening the software and it's configuration. We share the code, we share the bugs.
More posts by @Smith883
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.