Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Potential Security Risk


OvIDe

Recommended Posts

Warning: I am able to write to the configuration file: /home/accountname/public_html/shop/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

I'm getting this error on my index page from my shop.... This file has permission 744 set to it... Can somebody help me out on this one?

 

Thx!

Link to comment
Share on other sites

The most secure setting for the includes/configure.php file is 400 (Owner - Read Only). If you are trying to change the setting using the CHMOD command via FTP, and your site is hosted on a Windows server then the CHMOD command will not work. If you're hosted on a Windows server then you'll have to use the File Manager in your Web Hosting control panel to change the permissions - either that or use Telnet orSSH access (if you have either of those).

 

Even if you are on a Linux/Unix server you still may not be able to use the CHMOD command - many low cost hosting companies will not allow it to be used.

 

Vger

Link to comment
Share on other sites

The most secure setting for the includes/configure.php file is 400 (Owner - Read Only).  If you are trying to change the setting using the CHMOD command via FTP, and your site is hosted on a Windows server then the CHMOD command will not work.  If you're hosted on a Windows server then you'll have to use the File Manager in your Web Hosting control panel to change the permissions - either that or use Telnet orSSH access (if you have either of those).

 

Even if you are on a Linux/Unix server you still may not be able to use the CHMOD command - many low cost hosting companies will not allow it to be used.

 

Vger

 

I am able to do chmod, did it a few times before.... And nothing has changed on the server, nor on the boxadmin his side nor on my side... just can't understand why I get this error :s

Link to comment
Share on other sites

I am able to do chmod, did it a few times before.... And nothing has changed on the server, nor on the boxadmin his side nor on my side... just can't understand why I get this error :s

 

Double check and make sure your permissions are actually changing. Sometimes when you change them with your ftp program they are not really getting changed. Try checking in the file manager in your hosting control panel. You might also contact your hosting company. If the permissions are really 444 then the message should go away.

The Knowledge Base is a wonderful thing.

Do you have a problem? Have you checked out Common Problems?

There are many very useful osC Contributions

Are you having trouble with a installed contribution? Have you checked out the support thread found Here

BACKUP BACKUP BACKUP!!! You did backup, right??

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...