#!/bin/bash

# Your home directory and public_html directory both need execute permissions set.
chmod 711 ~
chmod 711 ~/public_html

# Don't let other people read your stuff.
find ~ -prune ~/public_html -exec chmod go-rwx {} \;

# Normal files need to be readable by everybody.
find ~/public_html -type f -not -name \*.pl -not -name \*.php -not -name \*.cgi -exec chmod 644 {} \;

# CGI scripts only need to be readable by you, and you need to be able to execute them.
# This is because Apache is set up to use suexec, so runs with your user's permissions.
find ~/public_html -type f -name \*.pl -or -name \*.php -or -name \*.cgi -exec chmod 700 {} \;

# Directories need executable permission.
# Optionally, use the commented line to stop people using directory listings.
find ~/public_html -type d -exec chmod 755 {} \;
#find ~/public_html -type d -exec chmod 711 {} \;