Incorrect File Permissions

MessEleven · April 26, 2017, 11:05:00 AM

Just the latest in a LONG line of issues. I really regret having upgraded to 1.2.10. If we ever get this straightened out, we're done with upgrades. The latest is the following persistent error message:

public_html/system/config.php file needs to be set to read and execute modes to keep it secured from editing!

I've just completed changing the file permissions for this config file to every possible combination, and still the error message persists. I've deleted the cache, yet no change seems to affect it. Functionality on the site seems to be fine now, but we're concerned about the security. Any thoughts?

eCommerce Core · April 26, 2017, 03:31:29 PM

Set public_html/system/config.php to 644 and it will be safe. This file is never effected in the upgrade.

MessEleven · April 26, 2017, 03:44:17 PM

Changed it as you suggested to 644, opened our site and immediately got the error message again.

eCommerce Core · April 26, 2017, 03:51:50 PM

Quote from: MessEleven on April 26, 2017, 03:44:17 PM
Changed it as you suggested to 644, opened our site and immediately got the error message again.

Are you sure that message is not old. Is your server on linux or windows based OS?

eCommerce Core · April 26, 2017, 03:52:22 PM

Try 755 or 555

MessEleven · April 26, 2017, 04:13:14 PM

Server is Linux, and I've already tried both of those combinations. Is there a chance that I might have incorrect permissions elsewhere that are affecting this? The error warnings are new each time I clear them, and open a page on the site. I'll send you a pm of the site's address.

eCommerce Core · April 26, 2017, 04:33:13 PM

The system checks if file is writable for the web user (apache).

Code Select


if (is_writable(DIR_SYSTEM . 'config.php')) {

I suspect that public_html/system/config.php owner is the same as your web user. If you set file permissions 555 or 444 this check will pass.

MessEleven · April 26, 2017, 11:01:45 PM

Tried it both ways (555 and 444) with no luck. Still getting error messages. Regardless of the messages, is the site safe using any of these configurations, including 755?

Basara · April 27, 2017, 02:54:28 AM

Hello, MessEleven. AbanteCart do the best to report you an issue with security. System check if config.php file writable because some servers not configured correctly or to avoid server administrator mistake.
This message just indicate a problem to help you be more secure.
Please read a bit about permissions but it is more about your server/users configuration and not about AbanteCart

http://docs.abantecart.com/pages/tips/troubleshooting.html#permissions

If you just want to hide this message and you sure your permissions are correct simply disable System check in Admin > System > Settings page.

MessEleven · April 27, 2017, 06:22:32 AM

I think I've finally figured it out. Instead of changing permissions with cPanel, I was doing it with the remote server through Dreamweaver. For some reason when doing so, the changes on the server side weren't being saved. I made the permission corrections last night via cPanel instead, and voila! No error messages since.

Thank you both - eCommerce Core and Basara - for your help with this frustrating issue!

Basara · April 27, 2017, 06:25:55 AM

Thank you for reply back. This will help other AbanteCart Community users

News:

Incorrect File Permissions