I am in the proces of creating a new site using an external internet provider. I am not a technical person and I have just about enough knowledge to make minor changes to most parts of Umbraco
When they first installed Umbraco 7.3.1 I could not do much in the Dashboard. Just about everything crashed because of access issues. So the provider lifted all restrictions and I had full access to all files and folders.
For a few weeks I started working with a freshly installed skin changing formats, creating and changing document types and creating content.
Now I am nearly ready to to launch the site and I decided to tell my internet provider to change the access to files and folders back to their default. What I expected, happened almost straight away: again I ran into security caused issues.
Could someone please help me and tell me what the best and most reliable set up of the files and folders is? Obviously I will want to fully use the Dashboard but I can also understand the point of the internet provider that access to files and folders should be limited.
Is there a proper way to set this up? Would it be possible to restrict access to just me and keep the rest safe from others? The internet provider provides their users with tools to change access themselves.
Check out this documentation on umbraco file permissions. It looks kind of out dated, but it is a good start.
A good rule of thumb is that the user that the umbraco site is running under will need Modify/Full permissions on any directories whose contents can be modified through the umbraco backoffice.
media
scripts
css
macroScripts
masterpages
usercontrols
Xslt
Views
Then there are some other directories that need Modify/Full permissions as well. App_Data is where a lot of caching is done. The other directories here might need to be modified when a package is installed through the backoffice. There are probably other reasons that I don't know of.
App_Code
App_Data
bin
config
Umbraco
uSync (if you have uSync installed)
Contrary to the document I linked to, we always set the Umbraco_client directory to have just Read/Execute (RX) permissions, and we haven't had a problem yet. All of the files and directories that I didn't list as needing Modify/Full permissions will need RX permissions. I think that is usually the default.
Security - how to set up in the best way?
I am in the proces of creating a new site using an external internet provider. I am not a technical person and I have just about enough knowledge to make minor changes to most parts of Umbraco
When they first installed Umbraco 7.3.1 I could not do much in the Dashboard. Just about everything crashed because of access issues. So the provider lifted all restrictions and I had full access to all files and folders.
For a few weeks I started working with a freshly installed skin changing formats, creating and changing document types and creating content.
Now I am nearly ready to to launch the site and I decided to tell my internet provider to change the access to files and folders back to their default. What I expected, happened almost straight away: again I ran into security caused issues.
Could someone please help me and tell me what the best and most reliable set up of the files and folders is? Obviously I will want to fully use the Dashboard but I can also understand the point of the internet provider that access to files and folders should be limited.
Is there a proper way to set this up? Would it be possible to restrict access to just me and keep the rest safe from others? The internet provider provides their users with tools to change access themselves.
Check out this documentation on umbraco file permissions. It looks kind of out dated, but it is a good start.
A good rule of thumb is that the user that the umbraco site is running under will need Modify/Full permissions on any directories whose contents can be modified through the umbraco backoffice.
Then there are some other directories that need Modify/Full permissions as well. App_Data is where a lot of caching is done. The other directories here might need to be modified when a package is installed through the backoffice. There are probably other reasons that I don't know of.
Contrary to the document I linked to, we always set the
Umbraco_clientdirectory to have just Read/Execute (RX) permissions, and we haven't had a problem yet. All of the files and directories that I didn't list as needing Modify/Full permissions will need RX permissions. I think that is usually the default.is working on a reply...