Sovereign rights over directories and files on the server (CRUD, CHMOD)

kmueller · October 23, 2022, 8:46am

I have a general question about Kirby’s behavior regarding directory and file attributes on a production server. Perhaps this has already been answered elsewhere. I would be grateful for a link then.

It’s about sovereignty over the data on the server.

If I have just installed a Kirby application (v3.8.0) on a server, I can do whatever I want with my FTP user with files and directories (Create, Update, Delete, CHMOD).

If I create a new page in the panel, e.g. as a draft, that changes. There is then a _drafts folder with the file attributes 750. The behavior: 1. In the panel I can delete the draft, 2. As an FTP user I cannot delete the draft, nor can I change the file attributes, e.g. from 750 to 777.

As a test, I asked the Internet provider to change that. With the following consequence: 1. I could no longer delete the draft in the panel, 2. As an FTP user, I can delete the draft.

I don’t understand that. Could someone explain this to me in simple words? I’d really appreciate it!

Thank you.
BR Kai

texnixe · October 23, 2022, 9:16am

This should give you quite a good overview about file ownership and permissions which are the two factors that determine access to files:

The owner of your kirby project files should be the apache user (if you are on an Apache server), which is usually the www-data user and group.

There should be no FTP access to the server, always make sure to use SFTP (Security | Kirby CMS)

kmueller · October 23, 2022, 9:39am

You are so quick Thank you!