Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options
Security Permissions
alan0309
New
Is the a document or post detailing the minimum permissions to give the database user and also the flie/folder (CHMOD) permissions so a secure deployment? I have looked around but can't seem to find any.
Thanks
Alan
0
Comments
From the readme:
Installation
Vanilla is built to be simple, and its installation is no exception.
Upload Vanilla's pre-built version to your server.
Confirm the cache, conf, and uploads folders are writable by PHP.
I've created myself a shell script. Not sure if it is optimal but it 's working for me
find ./ -type d -exec chmod 755 {} + find ./ -type f -exec chmod 644 {} + chmod -R 775 cache/ chmod -R 775 uploads chmod 775 conf/config.php chown -R root:root ./ chown -R www-data:www-data cache/ chown -R www-data:www-data uploads/ chown www-data:www-data conf/ chown www-data:www-data conf/config.phpNice one, thanks!
Vanilla's database user needs the ability to create, drop, & modify tables, and do all the standard read/delete/update operations. It won't need GRANT, TEMP TABLES, or anything like that.
@linc this would be easier to find for if it was moved to tutorials category.
also make sure you put the above script in your forum folder and run it from the forum folder , or you may be affecting more things than you want. And if you run it from your root folder and you have other software you may create other problems. point being know what each line means. don't run it blindly.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
thanks guys. I'm in the process of switching to a Linux based host so will look at implementing these