Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Set both configuration.php permissions to 644, still get warning


Marchatto

Recommended Posts

When accessing my store there's a pink warning at the top:

 

Warning: I am able to write to the configuration file: /home/kickin7/public_html/store/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.

 

Meanwhile both my configuration.php files are set to 644 (I tried to set them to 444 but they automatically revert to 644).

 

What do I need to do now? Thanks!

Link to comment
Share on other sites

If you cannot reset permissions fully via FTP then go to your web hosting control panel and use the File Manager link to navigate to the files and then use it to change the permissions. Try 444 and that should work, but if it doesn't then use 400.

 

Vger

Link to comment
Share on other sites

If you cannot reset permissions fully via FTP then go to your web hosting control panel and use the File Manager link to navigate to the files and then use it to change the permissions. Try 444 and that should work, but if it doesn't then use 400.

 

Vger

 

Thanks! OK, but the manual says you can set them to 644 after installing... is it still recommended to set them to 444? I'm confused...

Link to comment
Share on other sites

Thanks! OK, but the manual says you can set them to 644 after installing... is it still recommended to set them to 444? I'm confused...

 

Yes, it is still recommended that you set the permissions for configure.php to 444 because configure.php doesn't need to be written to. Set it to READ ONLY via file manager or your ftp client. Why leave a file at 644 if 444 works? No need to make your store a target for hackers, etc.

 

Also, you don't want your customers to see that ugly warning message at the top of your site either... ;)

Link to comment
Share on other sites

Yes, it is still recommended that you set the permissions for configure.php to 444 because configure.php doesn't need to be written to. Set it to READ ONLY via file manager or your ftp client. Why leave a file at 644 if 444 works? No need to make your store a target for hackers, etc.

 

Also, you don't want your customers to see that ugly warning message at the top of your site either... ;)

 

That makes a whole lot of sense, thanks! OK I just set the correct (444) permissions through my file manager, took 3 seconds, thanks guys!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...