Forum Replies Created
-
Posts
-
Hi Basilis,
What do you say about the host saying WordPress usually requires 755 for directories, rather than 775?I’m having the same issue with just two images on my site (both are transparent PNG logos).
The SSL Insecure Content plugin only fixes it on the “Capture” setting which I understand can impact performance and also can break parts of the site.
Why is this happening in the first place?
Any suggestions on how it can be avoided/fixed without this solution that may cause other issues?THanks!
EThe host says:
” 775 permissions set gives read/write/execute permissions to both “Owner” and “Group” while giving read/execute
permissions to “Everyone”. This is much safer than 777, and on our specific configuration, where your users are assigned to their own
groups, this wouldn’t be a specific security concern, though I cannot speak for the configurations of other providers. That said WordPress, in
general, requires 755 for directories, typically not 775.”Hi Nikko!
How do I adjust this code to do the same thing for Portfolio Items instead of Posts?
Thanks!
DI also have this issue. I received an email from Dreamhost entitled “DreamHost Malware Remover – Site Compromised”:
The following files/directories had insecure permissions (777), which have been remediated: /wp-content/uploads/dynamic_avia
I raised the issue with Dreamhost support and pointed them to this thread.
Their response:
With the way our system is configured, only your user
has write permissions regardless of how permissions are set, so first
things first, 777 permissions are not necessary for any capacity. As your
site is on a VPS with no other users, it is sandboxed and as such, read
access is not so much of a security risk in this specific case. That
said, in general, for most users that would be running on a shared
server, to say that using a 777 permissions set is “safe” is not a
sentiment I would personally agree with. Additionally, if Group
permissions are the concern of the developer, they should utilize
Owner/Group permissions, as opposed to allowing “Everyone” full
read/write/execute permissions as 777 does.In any application where permissions are concerned, the lowest set of
permissions to allow function should be set. In all but a vary minute
subset of circumstances, this would be 644 for files, and 755 for
directories. If you have any additional questions or concerns, please
feel free to let us know.What do you guys think?
Thanks!
DHi Jordan,
Thanks for the response. But, what about the text next to the Quick CSS box that says:
“Just want to do some quick CSS changes? Enter them here, they will be applied to the theme. If you need to change major portions of the theme please use the custom.css file or the Enfold Child theme.”
Are there any site performance considerations?
Thanks
D
