Foothill College home page
CTIS - UNIX Help, Documentation & FAQ Pages
Problems with Web Page Permissions

This page documents problems associated with incorrect permissions of standard web publishing files (or folders) uploaded to our UNIX web server. This means files of type .html, .jpeg, .swf, .txt, etc. For programming students writing CGI programs, see the section at the end of this document which address .cgi permissions.

If an .html file has the wrong permissions, or the folder has the wrong permissions, the net result is that either the entire page is not visible or elements within the pages are not displaying. You are likely to see the following when you type in the url to your page:

Error shown when permissions are not correct - screen shot

If a graphic or .swf element within the page has incorrect permissions then you are likely to see the rest of the page but the element with the improper permissions will not be displayed and you will not see any error message.

Another related and similar problem/topic is when you see this error message:

Error shown when the file cannot be found - screen shot

If you see a "Not Found" type message, then see the topic on web page display problems because it is not related to permission problems.

UNIX Files have Permissions

Every file and folder in the UNIX operating systems has a set of permissions associated with it. There are three sets of permissions for any file - those associated with its owner, those associated with a group, and the permissions for everyone else - guests or others.

Because UNIX was developed as a multi-user system, the idea is that a specific user can protect his/her files from everyone else, or choose to share them with others in related working groups, or perhaps even to share them with everyone else - others or guests.

The image below demonstrates this. In this example, the file named foo.html is readable and writable by the owner of the file. Members of the staff group and others (guests) may also read the file.

Example image showing UNIX file permissions

What's this to do with my Web Files?

Well since EVERY file and folder in UNIX has permissions, then it follows that the permissions of the web files you upload must be correct in order for the web server to obtain them and return them to the requesting client.

Don't worry, its easy. And chances are that your SFTP client and our server will communicate in a friendly way and you will never have to concern yourself with permission issues. But you are reading this, so I'm assuming that you are either an inquisitive person or you are here trying to resolve a problem you're having with your uploaded files... again, its pretty simple and you don't have to become a UNIX techie to solve your problems :) If you've solved it once, chances are the next time this happens it will will literally take seconds to fix.

The Web Server - who is that?

Before getting into the specifics of the actual permissions, you need to understand what the server is and how the UNIX operating system regards the web server.

The web server's job is to return files to users who requested them in their web browser. The server needs access to your web files. If the server cannot access your files then we see the errors above... that IS the problem after all! To the UNIX operating system, the web server is just another user. Since you own the files, the files must have the permissions set so that others (the web server) can get at them.

Folder Permissions

Your uploaded file(s) resides in a folder somewhere on the server so we'll cover them first. The folder has to have the correct permissions as does the file(s) within that folder. For the purposes of this example, lets assume your problematic file is named foo.html and that file resides in the web directory that we built for you named public_html

Now the folder named public_html was built for you. All of your web files should be stored inside that folder. The permissions were set for this folder so that should not be the problem, unless you accidentally changed it (then change it back :) Here is what the permissions look like for a folder that contains web published files and the rationale behind the settings:

Image of the proper permissions for a folder

  • As the owner of the folder you want all permissions set for you.
     
  • In our case the group setting is meaningless. Its possible that your instructor is using groups, but if they are it is not anything you need to know about for web publishing in our environment.
     
  • The OTHERS setting is the important one because it applies to guests, and the web server is a guest to the operating system.
     
    The server must be able to read the files... make sure it is checked.
     
    The server must be able to execute folders/directories. This means simply that the server can open or enter the folder... make sure it is checked!
     
    The server should not be able to write to the folder. This would be a security problem in that you do not want guests being able to write to your web directories <ouch>, so leave this unchecked!

File Permissions

Normal web files have these permissions. This applies to .html, .jpeg, .swf, .pdf, and others:

Example image showing correct permissions for a file

  • The owner should be able to read and write the file. Whether it is executable or not depends upon the purpose. For most web files you should have the execute bit turned off.
     
  • In our case the group setting is meaningless. Its possible that your instructor is using groups, but if they are it is not anything you need to know about for web publishing in our environment.
     
  • The server must be able to read your files, but there is no reason for the server to write or execute normal web files.

So, how do I set these permissions? It's simple!

  • Open your SFTP client and connect to our systems.
     
  • Navigate to where the file or folder is located and click on it.
     
  • Click on the Info button to open a dialog box that is similar to the illustrations in this handout.
     
    Now every piece of software is different. It may be called Info, Properties, or even Permissions. Somewhere there is a command that allows you to change the permissions of files and folders.
     
  • Change the permissions. Don't forget to click Apply or OK, or whatever your software uses to apply the changes you just made.
     
  • Keep your SFTP program open and connected in case you need to make changes.
     
  • Go to the file's URL in a browser and see if the problem has been resolved. If it has you can quit the SFTP program.
     

CGI Permissions

If you are a programmer who is writing executable .cgi scripts, your .cgi files should have permissions that look like this:

Screen shot of the proper permissions for a .cgi file

  • The web server (others) must be able to read and execute the file.
     
  • The server should not be able to write to the file!

There are of course many other things that can prevent a script from working properly and you'll get no feedback from the browser as to the source of the problem. If you are having problems, check out the tool we have to view the server's CGI Error Log.