Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Join Date
    Dec 2005
    Posts
    11
    Plugin Contributions
    0

    Default Warningafter Installation Of Zen-cart

    Hi,

    I'm not able to correct permission for the two files configure.php after installation. I've tried both in explorer ftp and in file manager in my webhotel. In filemanager there is no option for correcting this. In explorer ftp it is, there are 9 check> boxes, read, write and start for owner, group and all
    users. The problem is, that after installation these two files have checkmarks in read for all but also write for only owner. When I correct this and say OK and close the file it seems ok. If I then cl> ose the ftp explorer, and then open it again, the changes I made has dissapeared and it it still checked for
    write for owner. When I open my zen-cart store I get the warning:

    Warning: I am able to write to the configuration file:
    /customers/kjolebutikken.com/kjolebutikken.com/httpd.www/nettbutikk/includes/configure.php.
    This is a potential security risk - please set the right user permissions on
    this file.

    How can I fix this when it doesn't work as described above?
    Very happy if you can help me. I've just started and I would like to fix this before I do anything else, in case I have to install all over again (have done it three times already)

    Thanks
    Best regards
    Kjolebutikken

  2. #2
    Join Date
    Sep 2003
    Location
    Ohio
    Posts
    66,832
    Plugin Contributions
    6

    Default

    See if you can change permissions to 444 if 644 is not working ...

    If you cannot do this in FTP try via your Control Panel for your site as some servers do not allow this via FTP ...
    Linda McGrath
    If you have to think ... you haven't been zenned ...

    Did YOU buy the Zen Cart Team a cup of coffee and a donut today? Just click here to support the Zen Cart Team!!

    Are you using the latest? Perhaps you've a problem that's fixed in the latest version: [Upgrade today: v1.5.1]
    Officially PayPal-Certified! Just click here

    Try our Zen Cart Recommended Services - Hosting, Payment and more ...

  3. #3
    Join Date
    Dec 2005
    Posts
    11
    Plugin Contributions
    0

    Default

    Hi again, thank you for answer. I don't see any numbers like these at all (like 444 and 644) so I don't know what they mean or where to find them yo correct them. I only get the checkboxes, but they fall back to "before settings" all the time after I change them. Please explain me about 444 and 644 so maybe I can try yhis way.
    Thank you so much,
    Kjolebutikken:-)

  4. #4
    Join Date
    Jan 2004
    Posts
    59,803
    Blog Entries
    4
    Plugin Contributions
    133

    Default

    This FAQ talks in a bit more detail on how to make the changes:
    http://tutorials.zen-cart.com/index.php?article=9
    http://tutorials.zen-cart.com/index.php?article=148

    444 means "read only for owner, group, and world/public"
    666 means "read/write" for owner, group,world"
    777 means "read/write/execute for owner, group,world"

    the first digit is owner
    2nd digit is group
    3rd digit is world/public

    You're PRIMARILY concerned about "world/public".

    So, technically, 744 would do. But practically it's usually 644 for read-only.

    If you don't have numeric options available, just make sure it's not "writable" based on whatever word-descriptions you have.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #5
    Join Date
    Dec 2005
    Posts
    1
    Plugin Contributions
    0

    Default

    Hi,

    I am getting a similar problem.

    Cannot change the file permissions on the configure.php either. Have used lots of different programs to try and do it, tried using different levels all to no result.

    same error each time - bad file descriptor.

    I can change each of the other file permissions on the server but not these two.

    Any ideas?

  6. #6
    Join Date
    Jan 2004
    Posts
    59,803
    Blog Entries
    4
    Plugin Contributions
    133

    Default

    Originally posted by kwraight@Dec 9 2005, 03:53 PM
    same error each time - bad file descriptor.

    I can change each of the other file permissions on the server but not these two.
    Sounds like ownership of the files has been given to the webserver, not to your own userID.

    "Bad file descriptor" sounds like you likely don't have rights to make the desired changes.... which points to my security comment above.

    I suggest talking to your web-host for some assistance.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7
    Join Date
    Dec 2005
    Posts
    4
    Plugin Contributions
    0

    Default

    Originally posted by Ajeh@Dec 8 2005, 01:04 AM
    See if you can change permissions to 444 if 644 is not working ...

    If you cannot do this in FTP try via your Control Panel for your site as some servers do not allow this via FTP ...
    Hi team,

    I have the same issue when I start my zen-cart store and I get:

    Warning: I am able to write to the configuration file:
    /customers/kjolebutikken.com/kjolebutikken.com/httpd.www/nettbutikk/includes/configure.php.
    This is a potential security risk - please set the right user permissions on this file.

    But I have checked the permissions which is already 644. I cannot change to 444 though.

    What is the problem? Thanks in advance for any suggestions.

  8. #8
    Join Date
    Jan 2004
    Posts
    59,803
    Blog Entries
    4
    Plugin Contributions
    133

    Default

    If you're convinced that the file is read-only and you're willing to take the risk of it "not" being read-only and turn off the warning, you can do this:

    1. Create a new file:
    /includes/extra_datafiles/warnings_off.php

    2. Put the following content in the file:
    Code:
    <?php
     define('WARN_CONFIG_WRITEABLE', 'false');
    ?>
    3. Upload to your site.


    NOTE: You are still running the risk that the file may be writable, and thus could be hacked if the server's security configuration is weak.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  9. #9
    Join Date
    Dec 2005
    Posts
    4
    Plugin Contributions
    0

    Default

    Originally posted by DrByte@Dec 10 2005, 06:25 PM
    If you're convinced that the file is read-only and you're willing to take the risk of it "not" being read-only and turn off the warning, you can do this:
    .....
    Dear DrByte,

    I have checked many times and the permission is 644. Thanks for your advise on turning off the warning anyhow. I am just a bit worry but I might do that anyhow.

    Brgds.

  10. #10
    Join Date
    Jan 2004
    Posts
    59,803
    Blog Entries
    4
    Plugin Contributions
    133

    Default

    You could always ask your webhost for advice on how to make the files read-only.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donations always welcome: www.zen-cart.com/donate

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 
Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •