Bangla/Bengali Joomla CMS - বাংলা জুমলা বাংলাদেশ - জুমলা ফাইল/ডিরেক্টরি অনুমতি/অধিকার

জুমলা ফাইল/ডিরেক্টরি অনুমতি/অধিকার

If you have used Joomla but didn't face permissions problem then you are not telling the truth. Every week there will be a post on Joomla forum asking for information about the file and directory permissions. This article discusses the issues in clear terms.

File/directory Ownership:

Every file and directory on a server (Unix or Windows run) is owned by an user. As an owner the user has the exclusive right to modify/delete/move the file or directory. The owner can also create new file or directory under his own directory. Unless the user grants other users the permissions o access or modify his files or folders no one else on the system can do anything on those files. Also an user can't give up or acquire ownership of any file or directory. The only exception to these rules is the root user who can access any file or folder at any level (read, write, modify, execute etc) and also change or transfer ownership of any one's file or directory. This is the standard security model of UNIX.

On a web server web site owners are given an user account that enables them to log on to the system. or security reasons, some servers only allow login via FTP protocol or account management software like cPanel that relies on HTTP protocol. This mean you as a site owner have one account to a server that you can connect via FTP or special cPanel. Some hosts allow direct shell access that works on Telnet protocol. We are talking about these protocols because, to connect to a website (either as an owner or viewer) we must follow a protocol and each protocol work in a different way.

Any file you upload or folder you create on a server via FTP is owned by you. Anything owned by cant be accessed by others except the root unless you specifically permit them changing the permissions flags. In contrast to this, anything you create on the server via some php scripts is generally NOT owned by you. For example, if you install a component from Joomla administration panel, the component's files are not owned by you though they reside in your folder. These files are owned by the user who ran the Apache process.

Depending on how the Apache is configured these files can be root's or some other user's (most hosts create a special user for running apache.) However, if the Apache is configured to use suEXEC these files are indeed yours. Now if you have a component installed via Joomla but you cant delete it from FTP (or even cPanel), then the only reason for such thing happening is above. In such case, anything you install via Joomla must be uninstalled by that too. Strangely, sometimes you cant delete such files or folders but can rename them. It is always good and safe to use FTP as far as possible.

The hosting company can configure their server in such a way that anything in your home folder is owned by you. These are good reliable hosts.

File/directory permissions:

In UNIX language a file can be read, written or executed by an user, a group or the world. Now, a large number of people (including some experts in Joomla forum) believe that this "world' means the whole real world. This is vary far from true. An user belongs to a group. Any other user not belonging to that particular group is said to be from world. So, for example a UNIX machine has user alex, jhon and terrence. alex and jhon belong to a group called nerd while terrence has his group called master. The rule is: terrence is world to jhon and alex, and jhon and alex are also world to terrence. alex is a group member of the same group as jhon. So for example, alex has a file with permission 777. That means, anyone on the machine can read, write (modify or delete) and execute that file. This does not mean Mr x from Turkey when trying view that file from a web browser can delete the file. (The viewer is coming to the system via a read-only HTTP protocol, he can not log on to the system.) If jhon has a file with permission 644, that means his group member can execute (4) the file, any other user can also execute it.

A file permission of 777 is not secure, as anyone on that machine can wipe out (writing empty content) that file or potentially append some extra codes. But, 777 on a folder on the other hand is NOT that dangerous. Why, a 777 on folder means anyone on the machine can create new file on it. They can not just delete the whole folder.

Understanding Joomla file and directory permissions:

So, when Joomla backend shows warning that certain folders are not writable what does it mean? It means Apache is either running as a limited user (so cant access your folders) or as suEXEC but before it can create new files you have to modify permission on it. You should able to make the warnings green if you set them to 644 (folders) if the apache had been running suEXEC. If that is not the case, then there is no other alternative other then setting them to 777 (for the duration of installing a module, component etc). Once the installation is done you must set them back to 644. For a file, like configuration.php, Joomla backend wont be able to save anything if it is unwritable. If it has 644 but the joomla admin still shows cant be modified, then you have to set to 666, for a moment and then back to 644. If you understand a bit, you can directly edit the configuration.php file locally on your computer rather than relying on the Joomla admin panel. The only exception to these discussions is the cache directory which needs to be 777 (if your host running Apache not as suEXEC) if you enable the cache option on.

< পূর্বে		পরে >

[ পিছনে ]

Bangla/Bengali Joomla CMS - বাংলা জুমলা বাংলাদেশ

File/directory Ownership:

File/directory permissions:

Understanding Joomla file and directory permissions:

প্রধান মেনু

লিংক

ডাউনলোড লিংক