Lunarpages Web Hosting Forum

Author Topic: Write permission in .htpasswds folder  (Read 2111 times)

Offline nathanf

  • Spacescooter Operator
  • *****
  • Posts: 45
Write permission in .htpasswds folder
« on: June 16, 2003, 01:41:43 AM »
I'm using a .htpasswd management program and it stores the .htpasswd and .htgroup files in a directory located in my root directory. Webprotect that comes with CPanel, stores password information outside the root directory which is more secure, so I've moved these two files into that directory  /.htpasswds/main and I have changed the permissions on the "main" directory to 777 and 666 for both the .htpasswd and .htgroup files.

From a security perspective:

1) Are these the correct CDMOD settings that I should be using?

2) Is it wise to be using a PHP program to access and write to those files outside of the root directory?

Thanks for your time,
Nathan

Offline TWebMan

  • Quantum Encyclopedia Writer
  • *****
  • Posts: 3047
    • Take charge of your site
Write permission in .htpasswds folder
« Reply #1 on: June 16, 2003, 07:11:09 AM »
1. I don't know if you have a choice, if you want a script to access the file.  One alternative is to let the script create the file in the first place.  That way it has ownership and you don't need to make therm 777 or 666 for the files.

2. I know of perl programs that do so, so I imagine that's not a problem.
"Computers cause people to make more mistakes than any other invention in history, with the possible exception of handguns and tequila."  - Unknown
"Liberty of any kind is seldom lost all at once." - D. Hume
Every day is an Ode to Joy
The planet will be fine... and so will your site

Offline nathanf

  • Spacescooter Operator
  • *****
  • Posts: 45
Write permission in .htpasswds folder
« Reply #2 on: June 16, 2003, 07:46:31 AM »
OK, thanks for getting back to me  :)
Sounds good!  8)