How do I set up file permissions in Windows for PHP?
When using PHP permissions are misunderstood and common response is just giving too much access which is a security nightmare!
This is extremely important when configuring IIS manually on a VPS or Dedicated server, you want each site isolated from each other. This protects your server and other websites if one site is hacked or compromised.
If you’re just developing locally this isn’t too bad but it’s good practice to always configure it correctly, this will help find errors you may encounter in production but also that we should always be thinking about security.
Any reputable Windows web host would also be configuring their servers automatically using a control panel to configure secure permissions and website isolation so there is no need to worry about this if your with a shared website host. Most control panels will allow you to change if write permissions are enabled or not, this is a common fix for shared hosts and write permission issues.
Web development has changed a lot over the years and security is now a big focus point for web developers so while some would like to leave the IIS & Windows configuration to their server admins it’s good to understand and take responsibility.
It’s not hard to configure and after you’ve done it you’ll feel great knowing that you’re website is substantially more secure so let’s go.
