Our host is claiming that DA requires insecure settings.

MA van Kaam

New member
Joined
Sep 20, 2019
Messages
3
Topic: Our host is claiming that Direct Admin requires highly insecure 777 file permissions in order to work.

Case: Our host has recently moved from CPanel to Direct Admin, but claims it needs to set certain file permissions to the highly insecure 777 permissions in order for DA to work because they are running LiteSpeed servers.

Is what they are saying correct: that Direct Admin requires these highly insecure settings for LiteSpeed servers in order to work?

Eagerly awaiting an answer.

Details:

1- A shortcut with 777 permissions (named public_html) was made in the root folder (1), which links to the public_html folder of one of our domains, as in the domain folder (2), this folder in the domain folder itself only has 755 permission as in (3) [see second point]:
(1) https://ibb.co/z8hhRgR
(2) https://ibb.co/FsYpQ5D

2- A shortcut with 777 permissions (named private_html) was made in the root folder of the domain (3), which links to the public_html folder of that same domain (2), this folder in the domain folder itself only has 755 permission as in (3):
(3) https://ibb.co/s9ny1Sn
(2) https://ibb.co/FsYpQ5D

3- A server read-out from the host (4):
(4) https://ibb.co/K0VkmWg

4- Host claiming there is no fix for the 777 file permissions (5):
(5) https://ibb.co/Y0tGRrj
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,173
Location
GMT +7.00
Hello,

You host support has right.

Symbolic links always have 777 permissions. Effective permissions are the permissions of the file or directory that the link points to. If you try to chmod a symlink, you'll change the permissions on whatever the link is pointing to.

See more here: https://www.google.com/search?q=symlink permissions
 

MA van Kaam

New member
Joined
Sep 20, 2019
Messages
3
Hello,

You host support has right.

Symbolic links always have 777 permissions. Effective permissions are the permissions of the file or directory that the link points to. If you try to chmod a symlink, you'll change the permissions on whatever the link is pointing to.

See more here: https://www.google.com/search?q=symlink permissions
Thank you for your answer,

If I may follow up this question with another one:

Our host states that they aren't able to get mod_ruid2 to work on their severs because they are running LiteSpeed. Seeing as I found your older reply on how to bypass mod_ruid2 breaking the server, could you maybe explain what wrong configurations of DA could lead to LiteSpeed server problems, or security issues.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,173
Location
GMT +7.00
With LiteSpeed you don't need to use mod_ruid2, LiteSpeed's module lsphp is doing its job fine and processes users scripts securely.
 
Top