Recently I was troubleshooting some issues I was having with osTicket so in order to make sure permissions were not any issue I changed everything to File Attribute 0777 except for ost-config.php which is 0644.

Now that the problems have been resolved I want to secure the Help Desk as best as possible what is the recommended permission setting for most of the files and folders excluding ost-config.php (0644).

My guess is to make everything 0644 except for the API folder and files keeping them at 0755.

Please advise for best security permission settings but osTicket still functions correctly?

Regards,
BlackHawk17

So Kevin has posted this as the default permissions couple times:

$ find /path/to/osticket/ -type f -exec chmod 644 {} \;
$ chown www-data:www-data -R /path/to/osticket/

One of many sources: https://github.com/osTicket/osTicket/issues/4766#issuecomment-468694531

That being said I personally do not think that group or other needs permissions. The exception to that would be if your backups use a specific group to control access to do backups, or you want people in a specific group to be able to access the files (such as to perform edits).

@ntozier

Thanks for the reply back and good info!

I used FileZilla (FTP Client) to do the following:
Set All osTicket Directories = 0755
Set All osTicket Files = 0644
Exceptions = osTicket API files = 0755

Everything seems to still be working good. ?

Thanks for your help and please feel free to close this ticket.

Looks good to me. ?

Very welcome.

ntozier changed the title to [resolved] Recommended Overall File and Folder Permissions.
Write a Reply...