This forum has moved to a new location and is in read-only mode. Please visit talk.octobercms.com to access the new location.
I have just successfully installed OctoberCMS. I am investigating and reading the docs.
Looking in /config/cms.php I found:
/*
|--------------------------------------------------------------------------
| Default permission mask`
|--------------------------------------------------------------------------
|
| Specifies a default file and folder permission for newly created objects.
|
*/
'defaultMask' => ['file' => '777', 'folder' => '777'],Setup > Configuration doesn't have a section on this.
Why are the default permissions so permissive?
I have always believed that it should be 755 for folders and 644 for files.
Would setting these risk breaking some aspect of OctoberCMS ?
Or is it safe to use these settings?
Mod edit: code formatting
Last updated
You're right about using more restrictive permissions. I'm not really sure why October defaults to such wide-open permissions. It could be to avoid potential issues with shared hosting and/or people that don't know what they're doing. IMHO it's teaching people bad habits.
I guess the issue of secure permissions is people who assume they need to run as root, because they haven't set the owners correctly. I'd always recommend running chown -R www-data:www-data /path/to/october. That way, people can modify files with sudo -u www-data some-command.
TL;DR: As long as you have the owner set correctly, secure permissions should not be an issue. You sound like you know what you're doing, so go ahead :)
Last updated
1-3 of 3