AR_1986 Posted June 9, 2009 Posted June 9, 2009 Hi, im trying to get my oscommerce site running but im having a few annoying issues. I am currently using WS_FTP client to upload the files to the htdocs directory, although i have tried filezilla, ftpcore aswell. i have installed the site but i keep getting the following error at the top of the site: - Warning: I am able to write to the configuration file: /home/fhlinux197/e/mywebsite.co.uk/user/htdocs/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. I have tried virtually everything i can think of to change the file permissions for the following but it never works: - catalog/admin/includes/configure.php catalog/includes/configure.php i look for both files, i right click on them, click properties and change the numeric value to whatever, i've tried them all. I've tried all different file permissions aswell, 644, 777, 755 and at fist glance, this appears to work but no matter what nothing will get rid of that error message when i load www.mywebsite.com/index.php. It says it has changed them on the file properties and proceeds to upload them to the server but when i double check the browser the same error appears. Is it a problem with the configure.php file? because no matter what ftp client im using it makes no different, changing the file permissions does nothing. I have contacted my hosting provider and they said 'Thank you for your query This is something you will need to resolve by using SSH. You cna change the permissions or remove the warning from your contents. Unfortunately we do not provide any support for your design or website contents/scripting directly.' the problem is i have no idea what that is or how to do it? I've searched it on google and found alot of people who have the same problem but there doesn't seem to be a solution. has anyone managed to solve this problem? Is there something im doin wrong. Any help would be greatly appreciated, im pretty new to PHP and im struggling already. Many, many, many many thanks :D :D
web-project Posted June 9, 2009 Posted June 9, 2009 try 444 or you will need to modify the application_top.php to disable the notification about the configure.php file is writeable. Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
AR_1986 Posted June 9, 2009 Author Posted June 9, 2009 try 444 or you will need to modify the application_top.php to disable the notification about the configure.php file is writeable. Hi web-project, cheers for the reply, i tried it but got nothing. I tried changing both permissions to 444 and 400 but for some reason by the time i have changed the permission of the second configure.php in /htdocs/admin/includes/configure.php, the first in /htdocs/includes/configure.php has reverted back to its original permission. /htdocs/admin/includes/configure.php reverts back to 604 /htdocs/includes/configure.php reverts back to 644 I launched the browser but the error message is still there. I'd rather figure a way of solving the root of the problem then disable it and risk my site being hacked. 'Warning: I am able to write to the configuration file: /home/fhlinux197/e/mywebsite.co.uk/user/htdocs/includes/configure.php. This is a potential security risk - please set the right user permissions on this file.
BryceJr Posted June 9, 2009 Posted June 9, 2009 FTP tends to be flaky sometimes. The best way to change permissions that stick is to use your webhost control panel.
AR_1986 Posted June 9, 2009 Author Posted June 9, 2009 FTP tends to be flaky sometimes. The best way to change permissions that stick is to use your webhost control panel. ok, i closed WS_FTP and tried the same thing using my webhost ftp but the same things happens, i change one of the permissions and then as soon as i go to change the second, the first reverts back. In the webhost ftp it allows you to chmod permissions for individual fils and to set all permissions, even when i set the permission on the configure.php file its says: - File /htdocs/includes/configure.php was successfully chmodded to 444 All the selected directories and files have been processed. but even using their system the same thing happens. as soon i change the second configure.php permission, the first reverts back to its default. lol AAARRGHHH its killing me! I just cant get rid of that message! any ideas anyone? im desperate <_<
AR_1986 Posted June 9, 2009 Author Posted June 9, 2009 ok, i closed WS_FTP and tried the same thing using my webhost ftp but the same things happens, i change one of the permissions and then as soon as i go to change the second, the first reverts back. In the webhost ftp it allows you to chmod permissions for individual fils and to set all permissions, even when i set the permission on the configure.php file its says: - File /htdocs/includes/configure.php was successfully chmodded to 444 All the selected directories and files have been processed. but even using their system the same thing happens. as soon i change the second configure.php permission, the first reverts back to its default. lol AAARRGHHH its killing me! I just cant get rid of that message! any ideas anyone? im desperate <_< omg...i just double checked on my webhost ftp and its not even changing the permission when it says it is. its says: - File /htdocs/includes/configure.php was successfully chmodded to 444 All the selected directories and files have been processed. then as soon as i refresh the page it reverts back to 644. what the hell is going on lol
totalnumpty Posted June 23, 2009 Posted June 23, 2009 I'm getting the same problem after migrating from web-mania.com hosting to pickaweb.co.uk As far as I can tell, they are/were both PHP 5.x and MySql 5.x This was a straight ftp download/upload using the same folder structure, and a SQL export/import (had to change the name of the database inside the SQL export before import on the new host - no problems were presented. The admin and catalog includes/configure.php files were edited prior to upload to the new hosts, to reflect new user name, password, database name etc. The site is working exactly as it was on the old host except for the pink warning about configure.php being writeable (including still having the bug of IE 6.5 breaking the table layout on the home page that I'm still trying to track down). Both my configure.php files are 644 with the includes folders at 755 as per the previous installation (and standard configuration advice) - nothing has changed at permissions level, and refuses to change as per the OPs experience (am now wondering if this is related to user identity and even if same user name, being on different hosts means the user on the new host is being locked out of changing due to files being tied to identity on the old host? - just a wild thought) What's really annoying (Harald take note) is that the error message gives the full file path including hosting account name - that is a really serious security bug displaying that to the world - the file path NEEDS truncated in these error messages so that only the folder tree down from catalog is displayed. I'm at a loss as to why this is happening, and like the OP, I want to fix the problem, not just disable display of the error - sweeping it under the coding carpet is just begging for a site take-over by hackers. Gaz Wearing a seatbelt prevents head injuries when the computer crashes - - - Yeah Right!!! - not in this office.
totalnumpty Posted June 23, 2009 Posted June 23, 2009 UPDATE (for my install anyways) Checking more - the warning was not appearing in admin, so I left that configure file at 644, but changed the catalogue/includes/configure.php file using the hosting cPanel File Manager and made it stick with 444 The warning on the public catalogue has now disappeared. Hopefully this doesn't cause further issues later. Gaz Wearing a seatbelt prevents head injuries when the computer crashes - - - Yeah Right!!! - not in this office.
Jon Burdon Posted August 14, 2009 Posted August 14, 2009 try 444 or you will need to modify the application_top.php to disable the notification about the configure.php file is writeable. My web host will not let me set the permissions to 600 or even 644 on this file. Can anyone explain how to modify the application_top.php file and disable this notification?
germ Posted August 14, 2009 Posted August 14, 2009 Look here If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you. "Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice." - Me - "Headers already sent" - The definitive help "Cannot redeclare ..." - How to find/fix it SSL Implementation Help Like this post? "Like" it again over there >
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.