Suggested Additions To The add-in

Thanks itiab!

I love the idea about storing file permissions! I think I’ll build that into our Look-See plugin.

Do you think it is worth asking the user for their desired baseline permissions, or just assume a typical 644/755?

I personally go for a 750 / 640 model. Why give universal access if it is not required – it is just begging for exploitation.

I like the approach blackviper takes in his Registry / Service settings for windows 7 / 8 / 8.1 etc. ( https://www.blackviper.com/service-configurations/black-vipers-windows-7-service-pack-1-service-configurations/) He has Safe, Tweaked and Bare bones settings.

Maybe the settings can be :
1 – Safe as houses – bog standard.
2 – Tighter – But still reasonably safe in most situations
3 – Bleeding edge / Paranoid. User beware.

Maybe two to three sets – locking down .htaccess, .htpassword, wp-config, Uploads folders, wp-includes, Themes folders.

The tightly locked down version might have an untighten / relax settings option to upload new files then lock down again.

My 2c worth. ??

Shane

Look-See 15.09 now has a basic file permission checker capability. You tell it your target value, and it will let you know if any files have different access.

I’m not sure how well this particular feature will work across different environments, so please let me know if you run into any issues.