AbanteCart Community
Shopping Cart Operations => Support => Topic started by: MessEleven on April 26, 2017, 11:05:00 AM
-
Just the latest in a LONG line of issues. I really regret having upgraded to 1.2.10. If we ever get this straightened out, we're done with upgrades. The latest is the following persistent error message:
public_html/system/config.php file needs to be set to read and execute modes to keep it secured from editing!
I've just completed changing the file permissions for this config file to every possible combination, and still the error message persists. I've deleted the cache, yet no change seems to affect it. Functionality on the site seems to be fine now, but we're concerned about the security. Any thoughts?
-
Set public_html/system/config.php to 644 and it will be safe. This file is never effected in the upgrade.
-
Changed it as you suggested to 644, opened our site and immediately got the error message again.
-
Changed it as you suggested to 644, opened our site and immediately got the error message again.
Are you sure that message is not old. Is your server on linux or windows based OS?
-
Try 755 or 555
-
Server is Linux, and I've already tried both of those combinations. Is there a chance that I might have incorrect permissions elsewhere that are affecting this? The error warnings are new each time I clear them, and open a page on the site. I'll send you a pm of the site's address.
-
The system checks if file is writable for the web user (apache).
if (is_writable(DIR_SYSTEM . 'config.php')) {
I suspect that public_html/system/config.php owner is the same as your web user. If you set file permissions 555 or 444 this check will pass.
-
Tried it both ways (555 and 444) with no luck. Still getting error messages. Regardless of the messages, is the site safe using any of these configurations, including 755?
-
Hello, MessEleven. AbanteCart do the best to report you an issue with security. System check if config.php file writable because some servers not configured correctly or to avoid server administrator mistake.
This message just indicate a problem to help you be more secure.
Please read a bit about permissions but it is more about your server/users configuration and not about AbanteCart ;)
http://docs.abantecart.com/pages/tips/troubleshooting.html#permissions
If you just want to hide this message and you sure your permissions are correct simply disable System check in Admin > System > Settings page.
-
I think I've finally figured it out. Instead of changing permissions with cPanel, I was doing it with the remote server through Dreamweaver. For some reason when doing so, the changes on the server side weren't being saved. I made the permission corrections last night via cPanel instead, and voila! No error messages since.
Thank you both - eCommerce Core and Basara - for your help with this frustrating issue!
-
Thank you for reply back. This will help other AbanteCart Community users ;D