The MU forums have moved to WordPress.org

how to secure wpmu? (3 posts)

  1. Ovidiu
    Member
    Posted 13 years ago #

    hi there,
    can anyone point me to some tutorials on how to secure wpmu?
    more exactly I was wondering about file and folder permissions. while testing and setting up, I had to relax some permissions so now I am wondering what folders, i.e. wp-content , cache, files, blogs.dir, etc, needs what permissions to work and for users to be able to upload and change files...

    Googling I found this: All folder permissions should be set to 755. Files should be set to 644. Files that you want to edit in the WordPress Theme editor should be 666. Never use 777 for WordPress permissions

    Thats for wordpress, any other special things to keep in mind when it comes ot wpmu?

  2. SteveAtty
    Member
    Posted 13 years ago #

    I've got mine set so that the only folders the apache user has write permissions on are the upload directories and the files associated with the cache.

    Call me paranoid but after a security hole in phpbb allowed someone to wipe out all the files in the directory I by default don't let the apache owner own any files apart from those it has written.

  3. Ovidiu
    Member
    Posted 13 years ago #

    upload directories?

    would that be the whole blogs.dir folder? isn't that necessary?

About this Topic