Folder / File permissions problem

i have ISPConfig Version: 3.1.13 installed on my servers, all of them modified, so I cannot upgrade them.

I have found a big problem:
You can read other clients web folder's files if you know what you are looking for.
For example if you know that there is an index.html you can read the file.
All the client's web folders has 751 drwxr-x--x 9 web1506 client318 4.0K Jan 18 2017 web
And all the files inside the web has 755 by default -rw-rw-rw- 1 web1506 client318 19K Jan 1 2011 index.php

Is there a way (workaround without upgrade) to modify the default file permissions on existing files and for future uploaded files?
If yes what would you offer to use? 771?

best regards,
Peter Arany

 

i believe the web folder itself should be 711, the folders within the website, 755 should be ok.
most files should be 644, some should be 600 (anything that contains access credentials)

you could try from /var/www

Code:

find ./clients/client*/web*/web/ -type f -exec chmod 644 {} \;

that will change all files to 644.
you could then try

Code:

 find . -type f -name 'wp-config.php' -exec chmod 600 {} \; 

to change, in this example every wordpress wp-config.php file.
you'd have to change the filename to match whatever any other of your websites / CMS's use.

 

if you want to change the default file / folder permissions. i believe they are set in /usr/local/ispconfig/server/plugins-available/
apache2_plugin.inc.php or nginx_plugin.inc.php.
* these will get overwritten if ispconfig is updated. i'm not sure if putting a copy of these under conf-custom and making changes to them there will work.