File Access Rights

In most cases the webserver is only allowed to read the files on the hard disc. Therefore you have to assign write permossion for some directories. The write permission setup varies depending on the server:

• If you access the server via FTP: Schreibrechte (FTP)
• If you use a Linux Server: Schreibrechte (Linux)
• If you use a windows server: Schreibrechte (Windows)

Please grant the web server (i.e. the operating system user with whose rights the web server acts) write permissions for the following directories:

• The installation directory to which you have copied SoSci Survey. This is necessary because a separate subdirectory is created for each new survey project. Set the write permissions only for the installation directory and not for the included files and directories.
• All files and directories in the system subdirectory, if it already exists. Here the configuration is stored and log files and temporary files are stored. Note: The system directory is only created by the installation routine – if the web server has correct write permissions for the parent directory, the permissions are set automatically in the process.

Some directories must be accessed by the web server, but web server users (Internet surfers) must not be granted access. This must be ensured by a corresponding configuration of the web server.

The installation package contains some files named .htaccess – these files regulate, among other things, the access rights on a default configured Apache web server. Test the correct function by calling the URLs http://www.domain.tld/sosci/inc/-reach.php, http://www.domain.tld/sosci/lib/-reach.php and http://www.domain.tld/sosci/system/-reach.php'.

• If you get a „permission denied“ (or similar), everything is correctly configurated.
• If you can access the files and use an Apache server, the configuration via .htaccess has probably been disabled. In this case, you must prevent access in the Apache configuration (e.g. /etc/apache2/httpd.conf or apache/conf/httpd.conf) with a directory directive. You must specify the installation directory plus /inc, /lib and /system

<Directory /var/www/sosci/inc/>
  Order allow,deny
  deny from all
</Directory>
<Directory /var/www/sosci/lib/>
  Order allow,deny
  deny from all
</Directory>
<Directory /var/www/sosci/system/>
  Order allow,deny
  deny from all
</Directory>

• If you use the IIS 7:
  (The exact procedure is described step by step on IIS: Request Filtering)
  • Select IIS Request Filtering
  • Select the tab URL
  • Click on Deny Sequence
  • Enter „/inc“ in the popup and repeat the procedure for „/lib“ and „/system“.
• If you use an older IIS:
  • Open the configuration tool (configuration tool/) via Start → Settings → Control Panel → Administration → Internet Information Services
  • Navigate to the installation directory and there to /inc: Local Computer → Web Sites → Default Web Site → Installation Directory → inc
  • Right-click to display the settings for the directory: Properties → Directory Security → IP address and domain name restrictions → Edit
  • Select „By default, all computers will be: Denied access“
  • Repeat the last two steps for /system