CHMOD Permissions with attachments folder

**Andy** · Thu 4 Aug '11, 3:06pm

If you are moving attachments into the file system, it is recommended that you do *not* place the folder under your web root (usually named public_html or www or www_root) because people will be able to bypass vBulletin's permission system and download them.

**reefland** · Thu 4 Aug '11, 3:12pm

What is the concern with directly accessing the directory or files within it?

**MadK** · Thu 4 Aug '11, 3:50pm

Originally posted by Andy

If you are moving attachments into the file system, it is recommended that you do *not* place the folder under your web root (usually named public_html or www or www_root) because people will be able to bypass vBulletin's permission system and download them.

Is there a way however that I can have the attachments folder in the web root with the appropriate CHMOD permissions? Maybe with .htaccess?

Originally posted by reefland

What is the concern with directly accessing the directory or files within it?

Having private forums where attachments are saved for instance, as to avoid any permission bypass like Andy mentioned.

**Ponydaddy** · Thu 4 Aug '11, 4:01pm

Originally posted by MadK

Hey there everybody, I hope you're doing great!

I'm sending you this message because when I am moving my attachments from my database to the filesystem, it seems like my attachments folder, which is set to 0777 CHMOD is easily accessible by anyone who types it in in the URL bar.

I have tried setting the permissions to 711, but no to avail.

I thought that I could set it to 750, would that fix it?

Thank you very much for your help and have an awesome day!

can you tell me what i should type to see if it works on my forums want to make sure it cant be accessed

**MadK** · Thu 4 Aug '11, 4:16pm

Originally posted by Ponydaddy

can you tell me what i should type to see if it works on my forums what to make sure it cant be accessed

Sorry man, this forum is still in development stage and as such I would like to keep it private!

**Andy** · Thu 4 Aug '11, 6:22pm

Originally posted by MadK

Is there a way however that I can have the attachments folder in the web root with the appropriate CHMOD permissions? Maybe with .htaccess?

Not that I'm aware of. Why not just put the folder above under your web root as suggested?

**Ponydaddy** · Thu 4 Aug '11, 7:26pm

Originally posted by MadK

Sorry man, this forum is still in development stage and as such I would like to keep it private!

Was not talking about your fourms read what I posted

vBulletin 4 End of Life

CHMOD Permissions with attachments folder

[Forum] CHMOD Permissions with attachments folder

Comment

Comment

Comment

Comment

Comment

Comment

Comment