Owncloud folder file permissions/Security tweaks


#1

Hi I'm trying to understand what is the absolutely the correct files and folder permissions under Linux/apache?

750 for folders
660 for files?

Also is there other security tweaks that is recommended on a fresh install of owncloud?

Thanks a bunch!
PowerQuest.


#2

There is a documentation available here:

https://doc.owncloud.org/server/latest/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions


#3

Thank you very much!!

644 on htaccess? Why not a lower number like 404 or 400? (just curious)

Cheers!


#4

Why do you want to block read access to a file where the content is already known and available at e.g. the owncloud installation archive? :slight_smile:

Had missed this question previously. There is also a ownCloud specific documentation for this available at [1]. Additional hardening can be done on Webserver, PHP and Operating System level where you should find some generic guides on the net.

[1] https://doc.owncloud.org/server/latest/admin_manual/configuration_server/harden_server.html


#5

Awersome, thanks a bunch! :smirk:


#6

Because of your own security tweaks maybe?

I done a few "hat tracks" on it... :thumbsup:

Cheers! :beers: