Zhemoira Posted February 3, 2007 Posted February 3, 2007 After installing I get this message: Warning: I am able to write to the configuration file: /kunden/homepages/0/d105800290/htdocs/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. Not sure how to go about setting the user permission. Thanks for your help in advance! Z
spax Posted February 3, 2007 Posted February 3, 2007 FTP to your site, right click on includes/configure.php, select Permissions or CHMOD and set to 644. If that doesn't remove the warning, set permissions to 444. Do the same for admin/includes/configure.php
Zhemoira Posted February 3, 2007 Author Posted February 3, 2007 FTP to your site, right click on includes/configure.php, select Permissions or CHMOD and set to 644. If that doesn't remove the warning, set permissions to 444. Do the same for admin/includes/configure.php Thanks... take took care of it! :D Z
Guest Posted February 5, 2007 Posted February 5, 2007 I did that and the warning is still there. My host recently updated to version 5 of PHP, would that have anything to do with it? Every time I've done a search on php 5 or version 5 php the forum search says I am searching for words that are not allowed like html or 'img'... I don't know how else to search for this answer without using php or 5, LOL Thanks!
spax Posted February 5, 2007 Posted February 5, 2007 Nothing to do with PHP5. Some server set ups won't allow you to change permissions via FTP. Just ask your host to do it for you. You can search using Google: Try This
Guest Posted February 5, 2007 Posted February 5, 2007 Wow, I never had that happen before. I change my file permissions all the time with ftp. I went into my WHM and changed them manually there and viola, I didn't realize that the ftp client wasn't making the change... it showed that it had been changed, but on the server itself, it wasn't changing. Go figure. Thanks for your help. :)
theasylm Posted February 10, 2007 Posted February 10, 2007 I am having the same issue, but the suggested resolution does not work. I have changed the permissions to 400 though all of the following (in order of application): FTP client, Webhost File Manager, SSH. I still receive the permissions warning. Any suggestions?
Vertent Posted February 10, 2007 Posted February 10, 2007 Well you could do what I did and edit the bottom of the includes/application_top.php file. Where it says define('WARN_CONFIG_WRITEABLE', 'true'); you can change it to "false" and it will disable that check. The way I see it, if the file is unwritable like it wants it to be, then there's no harm in just disabling the check if it's getting in my way, lol. Though I'm certain this will come back to bite me in the ass, lol.
ben_stilwell Posted February 10, 2007 Posted February 10, 2007 IF that were the case then it would suggest that the check is faulty. I'm in the same position as TheAsylm. But I'd rather ensure that the site is ensure before disabling the check. If it indeed can't write to the file then great but if it can then its certainly a problem.
spax Posted February 10, 2007 Posted February 10, 2007 You could run a test to see if you can write to it. Save this as write.php or whatever you want and upload to your osC root. <?php $filename = 'includes/configure.php'; $somecontent = "Remove this text!!!"; // Let's make sure the file exists and is writable first. if (is_writable($filename)) { // In our example we're opening $filename in append mode. // The file pointer is at the bottom of the file hence // that's where $somecontent will go when we fwrite() it. if (!$handle = fopen($filename, 'a')) { echo "Cannot open file ($filename)"; exit; } // Write $somecontent to our opened file. if (fwrite($handle, $somecontent) === FALSE) { echo "Cannot write to file ($filename)"; exit; } echo "<font face='Verdana' color='red'><b>Warning! Warning! Warning!</b></font><br><br><font face='Verdana'>\"<font face='Verdana' color='green'>$somecontent</font>\"<br><br>was added to the bottom of $filename<br><br>This file is writable, please set correct permissions.</font>"; fclose($handle); } else { echo "<font face='Verdana'>No sweat, the file <b>$filename</b> is not writable.</font>"; } ?> Now run it from your browser - www.your_domain.com/write.php You'll either get a message telling you configure.php has been written to or not. If it has, you need to remove the text written to it at the bottom of the file and you'll need to change permissions. Scipt from php.net :thumbsup:
ben_stilwell Posted February 10, 2007 Posted February 10, 2007 Interesting. When I do 444 I receive the Can't Open File error. 644 gives me the Warning Warning message.
spax Posted February 10, 2007 Posted February 10, 2007 After the warning, check if the text has been added to the configure file.
ben_stilwell Posted February 10, 2007 Posted February 10, 2007 oh yes. When I recieve the Warning Warning message it certainly writes to the file. But why would I get cannot open file?
spax Posted February 10, 2007 Posted February 10, 2007 Because 444 is more strict than 644. Does the site work at 444?
ben_stilwell Posted February 10, 2007 Posted February 10, 2007 index still gives the warning on 444. I understand that its more strict but a readonly file should still be capable of opening isn't it? But not opening for append right. That's why. So it wasn't exactly definitive. I still get the error on index.php, but should I be confident in the fact that it can't be written to?
spax Posted February 11, 2007 Posted February 11, 2007 The whole point of the script was to see if your configure file could be written to. At 644 it tells you it can be but at 444 it is safe. Mission accomplished - don't over analyse!
ben_stilwell Posted February 11, 2007 Posted February 11, 2007 Yeah I suppose. Anyone know offhand where the code it that performs the check? It'd be nice to see what is happening, or what its doing differently but in the meantime I can comment out the code that makes the call.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.