chmod to 777 an acceptable security risk?

  • Please excuse what must be an elementary topic, but…

    I just installed WP on GoDaddy. I was just about to purchase and upload a premium theme when I noticed that the install required that I adjust the CHMOD to 777. As far as I can tell, this seems to be a security issue, yet, this seems to be the norm for WP theme installs. Can anyone shed some light here? Is 777 permission acceptable?

    Thanks

    tug

Viewing 3 replies - 1 through 3 (of 3 total)

  • No it is not acceptable for theme installs. If the theme can not be installed and work with files 644 and folders 755 it is a huge security risk. One folder at 777 on a shared server can/will get every site on that shared server hacked.
    Why the hec does the author state it needs 777 permissions? Ridiculous – unless you just use 777 for install then chmod back to 755.

    Good point by samboll, it might be a trap if the author requires the theme to be 777.
    Anyways, did you try installing it already without CHMOD to 777?

    Thread Starter tug

    (@tug)

    Sorry for such a long delay in this response. I did not realize there were responses to this post.

    My ignorance in this post. The chmod was not required to be changed for installation. The cache chmod required chmod change to 777 in order to utilize an image resizer only.

    All is well and checks out fine with WP-Security Scan. ??

    Cheers

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘chmod to 777 an acceptable security risk?’ is closed to new replies.

Tags