Loading...
 
Skip to main content

History: File and Folder permissions

Source of version: 19 (current)

Copy to clipboard
            !!!# File and Folder permissions
If your server is unhappy with Tiki file and folder permissions (this is dependent on server configuration), you may get an error message or blank pages. These failed attempts are typically in the error log (ask your web host to know where they are as it's different depending of your setup)

__Too few permissions__
If a message appears indicating that specific directories are not writable, you will need to change the permissions on the indicated directories. Tiki will attempt to verify that it can read (and write) to all necessary directories. This error message will include instructions about how to resolve the issue.

__Too many permissions__
If you are getting Internal Server Error 500, blank pages or similar, it could be that the permissions on the files are not appropriate for your webhost.

If your permissions are currently at "777", use your FTP client to change the files to "755". If Tiki is installed in a directory, make sure to also change the permission of the folder which contains the tiki files.

If you have shell access, you can run:
{CODE(colors=bash)}sh setup.sh{CODE}
and answer any questions. If you don't know what to answer, just click "enter" to keep the defaults.

{CODE(colors="scss")}
root@yourserver:/var/www/tiki# sh setup.sh

 Tiki setup.sh - your options
 ============================

Composer: If you are installing via a released Tiki package (zip, tar.gz, tar.bz2, 7z), you can and should skip using Composer. If you are installing and upgrading via SVN, you need to run Composer after 'svn checkout' and 'svn upgrade'. More info at https://dev.tiki.org/Composer
  
 c run composer and exit (recommended to be done first)

For all Tiki instances (via SVN or via a released package):

 f fix file & directory permissions (classic default)          o open file and directory permissions (classic option)
 S clear screen

 predefined Tiki Permission Check models:
 ----------------------------------------

 1 paranoia
 2 paranoia-suphp                        w suphp workaround
 3 sbox                                  W sbox workaround
 4 mixed
 5 worry                                 6 moreworry
 7 pain                                  8 morepain
 9 risky                                 a insane

 q quit                                  x exit

There are some other commands recommended for advanced users only.
More documentation about this: https://doc.tiki.org/Permission+Check

Your choice [f]? 
{CODE}

The option preselected in "Our choice" will initially be "c", to run "composer" script and get the required php dependencies for you. and in a second step, it will suggest "f", to fix file and directory permissions (classic default option). You can choose at any time the letter that best suits your needs, among the options offered. 

If "sh setup.sh" doesn't work for you, you may try, in your ./tiki/ directory
{CODE(wrap="1" theme="default")}chmod -R 777 ./db ./dump ./img/wiki ./img/wiki_up ./img/trackers ./modules/cache ./temp ./temp/cache ./temp/templates_c ./templates ./styles ./whelp/{CODE}
Another way is to set permissions for all directories and then set permissions for all files. For example, to set the permissions for all directories to __777__ and the permissions for all files to __644__, use the following separate commands through shell access:
{CODE(wrap="1" colors="bash")}
find [YOURDIR] -type d -exec chmod 777 {} \;

find [YOURDIR] -type f -exec chmod 644 {} \;
{CODE}
After correcting any directory or file permission problems, visit __tiki-install.php__ to continue.

!!!# SuPHP Problems
Systems with SuPHP need permissions 755 at maximum. Group __must not__ be allowed to write. This includes the complete path in the filesystem, not only document root of the webserver. Wrong permissions may lead to __500 Internal Server Error__ here. On the other hand less permissions (namely 750 without  ''x/execute/subdir entry'' for webserver) may lead to __403 Forbidden Error__.

!!!# Permission Matrix
Several usecases and minimum to maximum permissions you may try if something doesn't work properly. Permissions refer to data directly accessed by the webserver (files included by Tiki itself may and should have less permissions):
||::__Ownership__%%%username:groupname::|::__no SuPHP__%%%files / ''subdirectories''::|::__with SuPHP__%%%files / ''subdirectories''::
::webserver:webserver::|::600 - 666 / ''700 - 777''::|::?::
::user:user::|::604 - 666 / ''705 - 777''::|::600 - 644 / ''701 - 755''::
::user:webserver::|::660 - 666 / ''770 - 777''::|::?::
::webserver:user::|::660 - 666 / ''770 - 777''::|::?::||
!!!!# Option
{CODE(caption="For your consideration")}find . -type d -exec chmod 755 {} \; ; chmod 755 . ; find . -type f -exec chmod 755 {} \; ; chmod 751 db/local.php{CODE}
!!!!# Option
The following commands might be useful.  In particular, it might help you use an IDE (PhpStorm), etc: 
{CODE(caption="For your consideration")}
$ export PathToTiki="/var/www/tiki"
$ export WebServerOwner="www-data"
$ sudo usermod -aG ${WebServerOwner} $(whoami)
$ sudo chown -R ${WebServerOwner}: ${PathToTiki}
$ sudo chmod -R g+rw ${PathToTiki}
{CODE}
In English, the above code adds you to the web-server group; forces the tiki tree to be owned by the web-server user and group; and then makes sure the tiki tree is readable and writable by the web-server group (you).  Suggestions welcome!