Closed azett closed 7 months ago
Hello all,
In fact, some files and directories require full access, both for users and groups. Historically, until June 2011, rights management was handled by core.filesystem.php and plugin.thumb.php. For simplification, which is a good thing, the rights management then moved to the default.php file. However, until Octoper 2023 not the FlatPress setup changes the permission. The default values of the permission 0777 are only read via the defaults.php - not executed. To do this, you must actively "reset the permission" in the administration area in the Maintenance panel.
Unfortunately, not all web servers are set up optimally, and the Flatpress admin does not have access to the server's permissions; possibly also not enough knowledge to secure the web server. Therefore the solution "Everyone is allowed to do everything (777)" is the easiest - and guarantees that FlatPress will run.
There are two possible solutions:
or
2. the PrettyURLs plugin already offer the possibility to install a predefined .htaccess file. It may be possible to bag a little more security over this. But again, the webserver must support .htaccess.
@azett , what do you think about this?
With best regards Frank
I am closing this issue because we have found a good middle ground. It can be reopened if required.
Question by Rudra on Twitter:
Legit question - needs to be inspected.