Of course everyone want to secure there website. I'd like to lock up my files but I could use some general advice and a pointer to some good info.
Most of my stuff is in public_html. that folder is set at 750.
I'm more concerned about folder scgi-bin which I run at 700 cause it runs most of my scripts by cron. I open it up briefly to 701 to run some script testing from the internet.
Most of the web pages are in folder html_css at 711 and the web pages in the files at 644.
So the goal would be to lock thing down to prevent updates, allow only need/minimal execution or reading that would be required to view the website and no more.
Some of the testing I've done leads me to believe I don't understand the security that well because some times files are viewable for the internet when the security on the files is set just to 700.
General pointers, doc references, 'dont do that', best practices....all welcome.
