Cannot change my configure.php permission

[makeup4brides]

Please excuse the length of this post - but I wanted to add as much info as possible

I have changed all my permissions but cannot change the configure.php at the top of my site I get this error

Warning: I am able to write to the configuration file: /home/m/a/makeup4brides_co_uk/designs/shop/includes/configure.php. This is a potential security risk - please set the right user permissions on this file (read-only, CHMOD 644 or 444 are typical). You may need to use your webhost control panel/file-manager to change the permissions effectively. Contact your webhost for assistance.

I contacted UK2 to aske them to change it for me and this is the reply I got
*************
Hi Tracy,

It seems the PHP / E-commerce solution you are trying to set up requires soem PHP settings to differ from our safety settings. Unfortunately with 'shared hosting' where your website is hosted on servers alongside other customer's websites and e-commerce sites also, we have cannot allow scripts which will open the server to potential security risks. We do have an e-commerce cart that works with security enforcements.

However, our Dedicated Servers (where you have sole access to the server) will allow you to set your own security levels and configure your software however you wish - as this does not jeopardize other customers.


Regards,

**********
I may be tired but I really don;t understand what he is saying as I had another zencart running on another directory and that was fine. ( apart from have his ecommerce software which I will not do !

--------------------------------------------------------------------------------

Another message from uk2 support ?

Tracey,

Are you setting up an 'updated' version of the Zencart? or is it the 'exact' same build/version as the one you've previous set up. Also, it may be because the enforcements were implemented 'after' you were able to create the cart last year. Alot of new scripts these days require more 'open and relaxed' security settings to function - and along with this also comes the security risks.


I have explained that it is an update... What can I do to rectify this.. I'm banging my head on a brick wall here !


I have just looked at my user permissions right click on the properties and seen that the configure.php is set to user : nobody whereas all the other files are set to makeup4b - This may be the solution

The dist-configure.php file is set to me - so if I rename this to configure.php again - would this muck my system up ? Will wait for a reply until I rename the file again.

I received this , this morning from them - can anyone shed any light

This is because of the permissions, it is in the 'nobody' group because it cannot be granted the permission to be written to - which the makeup4brides would be the onwer group with that access.

Here is some information that you can pass onto their support to get to the bottom of this Tracey:

1. Our Shared hosting has PHP_SAFEMODE set to 'OFF'
2. register_globals is 'DISABLED'
3. This knowledgebase article might give a more definitive answer: http://support.uk2.net/index.php?_m=...=63&nav=0,5,15

[Ryk]

Write to the idiot again, pointing out that you are trying to INCREASE the security level of your configure file!

If you have access via your host's control panel, you should be able to change the setting there via the file manager.

With this sort of service, I'd consider switching to a Zen Certified Host.

[makeup4brides]

ok will try and contact them again - I will call him an idiot after he has helped - shall I? LOL !!!

Any thoughts about the "changing the dist-configure.php back to configure.php " request...

[Pixxi]

Assuming your existing includes/configure.php is working fine, and just has the owner = nobody problem ...

Create a new empty text file on your local PC with your text editor called configure.php.

Copy and paste the contents of your includes/configure.php into the empty text file on your PC and save it.

On the server, rename your includes/configure.php to something else (eg. configure_old.php)

Then upload the new configure.php you've created on the PC into your includes folder on the server and set the permissions.

Because you've uploaded the file, the 'owner' should now be your user name.

[makeup4brides]

Assuming your existing includes/configure.php is working fine, and just has the owner = nobody problem ...

Create a new empty text file on your local PC with your text editor called configure.php.

Copy and paste the contents of your includes/configure.php into the empty text file on your PC and save it.

On the server, rename your includes/configure.php to something else (eg. configure_old.php)

Then upload the new configure.php you've created on the PC into your includes folder on the server and set the permissions.

Because you've uploaded the file, the 'owner' should now be your user name.

Didn't work the first time - reinstalled zen cart yet again did what you said BEFORE I changed the other permissions ( I tried to do this after on the first installation and it wouldn;t allow me )

It worked ... thank you pixie. - and I contacted uk2 again after I got it working and they apologised apparently they did not understand my initial request ???????? DUR !!!!!!!

Thank you for all your help - ( p.s help yourself to bicuits with that cup of coffee ) this is a fantastic support site and great software xxx