for example, .htaccess should be 400, not 644, but that causes problems for allot of people when setting a permalink structure, etc.
On a properly secured server, nothing needs to be lower than 644.
The problem here, and the reason I have to say "in general" is that there are billions of ways to configure a server, none of which we have any control over.
As you say, setting .htaccess to 400 causes some problems for some people, that's because of how the server is configured. And, I say 644 should be fine, because that's how the server *should* be configured.
Just like you can't really control the crime level of the community you live in, and can therefore only take reasonable steps to protect your home at a good balance between security and convenience, the same is true for any web software existing on any server.
And, that's the slightly longer explanation for why a lot of these recommendations are "in general."
seems like it might be a good idea for WP to set file permissions/ownership
WordPress itself can't really set file permissions/ownership, as those are initially set during file transfer and according to the server configuration.
WordPress ...
ما را در سایت WordPress دنبال می کنید
برچسب : نویسنده : استخدام کار wpss بازدید : 286 تاريخ : چهارشنبه 30 تير 1395 ساعت: 11:19