[TYPO3] Fileadmin got hacked

[Gilles Deacur]

Dmitry Dulepov wrote:
> Hi!
> 
> Gilles Deacur wrote:
> 
>>That's what the prob was.  Somewhere along the line it was set at 777
>>for all those files.
>>
>>However, I now changed it to 664.  They are set for "myusername nobody".
>>
>>All other directories are set to "myusername myusername" and I can enter
>>them with my FTP client, but cannot get into those 4 directories with my
>>FTP client.
>>
>>Also, my Typo3 backend won't load now.  (Or frontend.)  I get this:
>>
>>/abc/def/ghi/typo3conf/localconf.php is not found!
> 
> 
> It looks like web server does NOT run as nobody. Seems like this is a reason why
> permissions were set to 777. Does it work if you change permissions back to 777?
> 

If I set them all to 777, it all works good.

If I set them all to 776, it still appears fine.

If I set them all to 766, it breaks.

If I set them all to 774, it works.

If I set them all to 754, it works.

If I set them all to 755, it works.

When I say it works, I mean that it displays in the front end.

Right now, I set these to 755 and they are set at myusername:nobody .

Is this safe?

I ask because I had it set at 777 before and want to make sure I don't 
get leeches sucking up my bandwidth again with illegal paypal crud.

If it isn't safe, what do I need to do? And what do I need to get my 
host to do?


> 
>>I don't have access to chmod, so any username changes have to be done by
>>my host.
> 
> 
> So, you need to ask them to do this:
> 	chown -R yourusername:webservergroupname /abc/def/ghi
> 
> Than you can set permissions as I posted earler.
> 
> 
>>Yesterday I had my host erase the fileadmin folder and install an old
>>version, and I'm sure the chmod and chown wasn't copied.
> 
> 
> Depends on their backup method.
> 
> Dmitry.