Results 1 to 10 of 16

Hybrid View

  1. 26 Sep 2007, 01:05 PM #1
    arthena
    arthena is offline New Zenner
    Join Date
    Jul 2007
    Location
    Sunny Cornwall
    Posts
    73
    Plugin Contributions
    0

    red flag Warning Message - I can write to configure.php

    I get the Warning: I am able to write to the configuration file: /home/fhlinux163/m/momentsstore.co.uk/user/htdocs/shop/includes/configure.php. This is a potential security risk - please set the right user permissions on this file (read-only, CHMOD 644 or 444 are typical). You may need to use your webhost control panel/file-manager to change the permissions effectively. Contact your webhost for assistance.

    I have checked my reard write status and it is set to 644.

    Any ideas Please
  2. 26 Sep 2007, 01:17 PM #2
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,443
    Plugin Contributions
    279

    Default Re: Warning Message

    FAQs:
    https://www.zen-cart.com/tutorials/index.php?article=90
    https://www.zen-cart.com/tutorials/index.php?article=9
    https://www.zen-cart.com/tutorials/i...hp?article=148

    Did you try 444 as suggested in the warning message ?
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
  3. 26 Sep 2007, 01:24 PM #3
    arthena
    arthena is offline New Zenner
    Join Date
    Jul 2007
    Location
    Sunny Cornwall
    Posts
    73
    Plugin Contributions
    0

    Default Re: Warning Message - I can write to configure.php

    Hi,

    Yes I tried 444 even got the web company (streamline) to do it,

    They tell me the server defaults to 664 which should be ok

    Sorry to be a pain
  4. 26 Sep 2007, 01:48 PM #4
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,443
    Plugin Contributions
    279

    Default Re: Warning Message - I can write to configure.php

    Be warned that overriding that warning by turning off the alert does *not* protect the file from security risks. If you believe the file is safe, you can follow the instructions and warnings in this thread in order to suppress the warning message from being displayed.
    http://www.zen-cart.com/forum/showthread.php?t=44721
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
  5. 26 Sep 2007, 01:50 PM #5
    arthena
    arthena is offline New Zenner
    Join Date
    Jul 2007
    Location
    Sunny Cornwall
    Posts
    73
    Plugin Contributions
    0

    Default Re: Warning Message - I can write to configure.php

    Hi,

    Many thanks for the info, I was wondering if anyone else using STREAMLINE had the same problem. Is there any other way to test the file to see what the setting for it is.

    Regards

  6. 26 Sep 2007, 01:51 PM #6
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,443
    Plugin Contributions
    279

    Default Re: Warning Message - I can write to configure.php

    That warning is telling you that PHP sees the file as writable.

    As for Streamline, do a forum search for *streamline* (with the *'s) for some interesting reading.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. Warning: I am able to write to the configuration file: /configure.php. help please
    By flyspidert in forum General Questions
    Replies: 2
    Last Post: 28 Mar 2013, 10:53 PM
  2. Receiving can write to configure file warning.
    By awhfy99 in forum General Questions
    Replies: 1
    Last Post: 14 Aug 2010, 03:09 PM
  3. Security warning message: configure.php is writeable
    By sccr410 in forum General Questions
    Replies: 6
    Last Post: 11 Apr 2007, 01:41 AM
  4. Can't write configure.php
    By dtakle in forum Installing on a Windows Server
    Replies: 5
    Last Post: 11 Nov 2006, 08:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Content and Graphics Copyright (c) 2003 - 2026 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC