Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Security Permissions

Is the a document or post detailing the minimum permissions to give the database user and also the flie/folder (CHMOD) permissions so a secure deployment? I have looked around but can't seem to find any.




  • Options
    R_JR_J Ex-Fanboy Munich Admin

    From the readme:


    Vanilla is built to be simple, and its installation is no exception.

    Upload Vanilla's pre-built version to your server.
    Confirm the cache, conf, and uploads folders are writable by PHP.

    I've created myself a shell script. Not sure if it is optimal but it 's working for me ;)

    find ./ -type d -exec chmod 755 {} +
    find ./ -type f -exec chmod 644 {} +
    chmod -R 775 cache/
    chmod -R 775 uploads
    chmod 775 conf/config.php
    chown -R root:root ./
    chown -R www-data:www-data cache/
    chown -R www-data:www-data uploads/
    chown www-data:www-data conf/
    chown www-data:www-data conf/config.php
  • Options

    Nice one, thanks!

  • Options
    LincLinc Detroit Admin

    Vanilla's database user needs the ability to create, drop, & modify tables, and do all the standard read/delete/update operations. It won't need GRANT, TEMP TABLES, or anything like that.

  • Options
    RiverRiver MVP
    edited December 2016

    @linc this would be easier to find for if it was moved to tutorials category.

    also make sure you put the above script in your forum folder and run it from the forum folder , or you may be affecting more things than you want. And if you run it from your root folder and you have other software you may create other problems. point being know what each line means. don't run it blindly.

    Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.

  • Options

    thanks guys. I'm in the process of switching to a Linux based host so will look at implementing these

Sign In or Register to comment.