Re: Upgrade help - stuck on problem configure.php is not writeable ?
Quote:
Originally Posted by
JohnnyScience
So is this "Secure FTP" generally only possible via cPanel? (or one of these paid programs?)
WinSCP doesn't completely eliminate this security hole? But it's much better than Filezilla at least?
FileZilla is an FTP application. Its weakness is that it stores passwords in plain text, so is vulnerable to trojan attacks on your computer.
WinSCP isn't a magic pill. Nor is WSFTP. But they don't store passwords in plain text, so don't have the vulnerability that FileZilla has.
That said, if YOU tell ANY program to use plain old "FTP" protocol when talking to a webserver/ftpserver, YOU will be passing YOUR passwords AND all your data in plain text, unencrypted.
To overcome that, you need to arrange for using a secure FTP method, such as SFTP or SCP/SSH or FTP-with-implicit-SSL etc, with your hosting company so that you can transmit your data in a manner that encrypts/protects all the data you exchange between your PC and the server.
Just like using SSL on pages that collect passwords or personal or financial/creditcard information.
You can read up all about all these concepts using your favorite search engine and probably wikipedia etc. If your hosting company doesn't know what you're talking about, find one that does before you spend any money with them.
Re: Upgrade help - stuck on problem configure.php is not writeable ?
As for making the configure.php files writable, 777 or 755 should do the job. If it doesn't, contact the hosting company for assistance.
Re: Upgrade help - stuck on problem configure.php is not writeable ?
Quote:
Originally Posted by
DrByte
... you need to arrange for using a secure FTP method, such as SFTP or SCP/SSH or FTP-with-implicit-SSL etc, with your hosting company so that you can transmit your data in a manner that encrypts/protects all the data you exchange between your PC and the server.
All good hosts now make this mandatory. Our host no longer allows insecure FTP and all connections are now via SSL.
As Dr Byte says, if your host is not insisting on this, then they are behind the curve - and that suggests they are behind the curve elsewhere too.