Guest Posted April 10, 2005 Posted April 10, 2005 Ok, I think Im getting somewgere now, please help me with this one so I dont screw this up again... Warning: I am able to write to the configuration file: /customers/**************/httpd.www/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. Last time I was going to do this.. I didn?t get what I was going to change/add? Exactly what, someone? And please Im swedish so no to hard english for me to understand :D
Guest Posted April 10, 2005 Posted April 10, 2005 CHMOD the file to permission 644 or 444 via FTP or SSH.
Guest Posted April 10, 2005 Posted April 10, 2005 CHMOD the file to permission 644 or 444 via FTP or SSH. <{POST_SNAPBACK}> Ok Thanks for the answer :thumbsup: But.. that wasnt even english, thats was like greek to me :D What does that mean? Like can I open the file in notepad and change it from there and then upload it with my ftp?? And in that case? exactly where should I change and what should I write? (copy n paste code here maybe??) Or am I totally blond here? Thanks for helping me out, really apprecciate it! :D
Simplyeasier Posted April 10, 2005 Posted April 10, 2005 Ok, I think Im getting somewgere now, please help me with this one so I dont screw this up again...Warning: I am able to write to the configuration file: /customers/**************/httpd.www/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. Last time I was going to do this.. I didn?t get what I was going to change/add? Exactly what, someone? And please Im swedish so no to hard english for me to understand :D <{POST_SNAPBACK}> Do you understand chmod ? In Unix you can set permissions so that "users" of a file or directory can have different levels of action on it (Read, write and execute) What you are being asked to do is set the permissions of your configure.php files (2 of them one in catalog/includes and other in catalog/admin/includes ) so that only you can access and do things to the configure files. To do this you need to use your FTP client (Smart FTP is good) and when you FTP into your server you need to navigate to the configure.php files in the paths I have listed above - then right click in the right hand panel and look for chmod - set the permissions for both files to 644 , 444 or best 400. If doing it the above way is not making sense you can log into your server and use your hosts control panel to do the same thing - but you will need to understand their control panel features and how to use them to chmod file and directory permissions. Charles A kite flies highest AGAINST the wind ! "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, a lover in one hand, martini in the other, body thoroughly used up, totally worn out and screaming ~ WOO HOO!! What a ride!"
Guest Posted April 10, 2005 Posted April 10, 2005 Oh, thank you so much! Now I got that! Just having one problem.. When I have changed them.. and then go back to look at them again.. the CHMOD permission is back to 755 :( why doesn?t it stay the way I changed it?? thanks!
Guest Posted April 10, 2005 Posted April 10, 2005 Oh, thank you so much! Now I got that! Just having one problem.. When I have changed them.. and then go back to look at them again.. the CHMOD permission is back to 755? :( why doesn?t it stay the way I changed it?? thanks! <{POST_SNAPBACK}> Some FTP programs are not compatible with some servers. You might already have the CHMOD feature included in your hosting account already. If not, your host should be able to give you an advise on the matter. Also check that your server is not running on Windows OS. Windows have their own way of setting file permissions.
Guest Posted April 10, 2005 Posted April 10, 2005 Some FTP programs are not compatible with some servers. You might already have the CHMOD feature included in your hosting account already. If not, your host should be able to give you an advise on the matter. Also check that your server is not running on Windows OS. Windows have their own way of setting file permissions. <{POST_SNAPBACK}> Ok, thanks! I am running on windows, so it doesnt work then or ?? Ive contacted my host :D
♥14steve14 Posted April 10, 2005 Posted April 10, 2005 An easy way for now to protect those files is to use Internet explorer to do it. Instead of http:// before the url, just type ftp://. When the files open, right click on the file you need to correct and alter the properties. Simple job done. Hope this helps you. REMEMBER BACKUP, BACKUP AND BACKUP
Guest Posted April 11, 2005 Posted April 11, 2005 An easy way for now to protect those files is to use Internet explorer to do it. Instead of http:// before the url, just type ftp://. When the files open, right click on the file you need to correct and alter the properties. Simple job done. Hope this helps you. <{POST_SNAPBACK}> I just get a "page can not be shown" ??? Aaaw.. that would have been great if it was that easy =) My host told me I couldnt change it in my ftp. So now I dont know what to do!?
Guest Posted April 11, 2005 Posted April 11, 2005 Oh, no wait! I was able to change it, but the warning is still there :huh: Is there something I should change in the file configure.php??
♥Vger Posted April 11, 2005 Posted April 11, 2005 As your site is on a Windows server there are two ways in which you can alter the file permissions - one is by using your web hosting control panel, the other is by using an SSH or Telnet connection (more advanced - so stick with the first). Go to the hosting control panel provided by your web hosting company, and look for something like 'File Manager'. Once you have found that navigate to the file you want to change permissions on, and then there are various possibilities. 1. Left clicking will bring up a dialog box where you can change permissions. 2. Right clicking and selecting Properties will allow you to reset permissions. If you can't find the File Manager then ask your hosting company where you can find it. As this is a Windows server you should be alright changing permissions on includes/configure.php to 644. Vger
♥Vger Posted April 11, 2005 Posted April 11, 2005 Sometimes, and this normally only happens on Windows servers, the configure.php file that controls everything is found in includes/local (as well as in includes). See if there is a configure.php file in includes/local, and if there is download a backup of it (just in case) then delete the one on the server. osCommerce is set up to look first for a configure.php file in the includes/local folder (for development only). Vger Oh, no wait! I was able to change it, but the warning is still there :huh: Is there something I should change in the file configure.php?? <{POST_SNAPBACK}>
Guest Posted April 11, 2005 Posted April 11, 2005 Sometimes, and this normally only happens on Windows servers, the configure.php file that controls everything is found in includes/local (as well as in includes). See if there is a configure.php file in includes/local, and if there is download a backup of it (just in case) then delete the one on the server. osCommerce is set up to look first for a configure.php file in the includes/local folder (for development only). Vger <{POST_SNAPBACK}> Thanks for helping me out! No, there is no configure.php in the local folder :wacko: Im getting nowhere with this lol Look at this ... // Define the webserver and path parameters // * DIR_FS_* = Filesystem directories (local/physical) // * DIR_WS_* = Webserver directories (virtual/URL) define('HTTP_SERVER', ''); // [COLOR=purple]eg, http://localhost - should not be empty for productive servers[/COLOR] define('HTTPS_SERVER', ''); // [COLOR=purple]eg, https://localhost - should not be empty for productive servers[/COLOR] define('ENABLE_SSL', false); // secure webserver for checkout procedure? Should I be adding something between the '', cause I tried that earlier, destroyed the whole thing and had to delete and install all over again. I dont want to do that again lol
Guest Posted April 11, 2005 Posted April 11, 2005 duh... the colors didnt work in teh codes box, well anyway, u probobly know the codes anyway =)
♥Vger Posted April 11, 2005 Posted April 11, 2005 define('HTTP_SERVER', 'http://www.yourdomain.com'); Vger
Guest Posted April 11, 2005 Posted April 11, 2005 define('HTTP_SERVER', 'http://www.yourdomain.com'); Vger <{POST_SNAPBACK}> Oh thank you! I was going to change to that, only to discover it was already there! So now what? LOL I will never get rid of that warning sign :sweating:
♥Vger Posted April 11, 2005 Posted April 11, 2005 If all else fails, go to includes/application_top.php and change this: define('WARN_CONFIG_WRITEABLE', 'true'); to this: //define('WARN_CONFIG_WRITEABLE', 'true'); This only gets rid of the warning - doesn't solve the problem. Vger
Guest Posted April 11, 2005 Posted April 11, 2005 If all else fails, go to includes/application_top.php and change this: define('WARN_CONFIG_WRITEABLE', 'true'); to this: //define('WARN_CONFIG_WRITEABLE', 'true'); This only gets rid of the warning - doesn't solve the problem. Vger <{POST_SNAPBACK}> Ok thanks! Ill wait on that one, if I dont find a sollution Ill have to do that huh.. thank yooooou!
Guest Posted April 12, 2005 Posted April 12, 2005 Hmm.. ok got an answer from my host (wich does not have the very best support, but anyway) And I got this not so obvious answer... No, you have to put in a script that will change it: <?php chmod("fil1.php", 0400); ?> Just put it in the same folder, and it would change. Sooooooooo.. what does that mean? where should I put the script?? In the configure.php? OR in the same folder as he said? How do I put a script to a folder????? Should I make a new php file that lies in teh same folder...? Jees, didnt make much sence to me that answer =)
♥Vger Posted April 12, 2005 Posted April 12, 2005 Okay, create a new text file (.txt) on your desktop. Open it, click Save As, and put this into the box (with the double quotes): "chmod.php" This will save the text file as a .php file. Then put this code inside it: <?php chmod("configure.php", 0400); ?> FTP the file to your includes folder, and then put this address into your browser: http://www.yourdomain.com/includes/chmod.php That should do it. Having to do things in this way does not say a lot for your hosting company! Vger
KennethS Posted April 12, 2005 Posted April 12, 2005 You would put that in a php file, name it like chmod.php. Change it as follows: <?php chmod("configure.php", 0644); ?> Put the file in the directory with the configure.php file you want to change the permissions on then using your browser type in the address to the file. That may work but I cant guarantee anything. Kenneth S -------------- Customer "Are you a real programmer?" Me "No, but I did stay at a Holiday Inn Express last night"
♥Vger Posted April 12, 2005 Posted April 12, 2005 You would only put it chmod 644 on a Windows server. Use 644 on Apache on a Unix/Linux OS and you'll still get the warning. Vger
Guest Posted April 13, 2005 Posted April 13, 2005 :'( It didnt work! This means like, I cant have a shop? I cant have a writable shop out there :( Thanks for trying to help me out!
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.