Warning Message - I can write to configure.php

[arthena]

I get the Warning: I am able to write to the configuration file: /home/fhlinux163/m/momentsstore.co.uk/user/htdocs/shop/includes/configure.php. This is a potential security risk - please set the right user permissions on this file (read-only, CHMOD 644 or 444 are typical). You may need to use your webhost control panel/file-manager to change the permissions effectively. Contact your webhost for assistance.

I have checked my reard write status and it is set to 644.

Any ideas Please

[DrByte]

FAQs:
https://www.zen-cart.com/tutorials/index.php?article=90
https://www.zen-cart.com/tutorials/index.php?article=9
https://www.zen-cart.com/tutorials/i...hp?article=148

Did you try 444 as suggested in the warning message ?

[arthena]

Hi,

Yes I tried 444 even got the web company (streamline) to do it,

They tell me the server defaults to 664 which should be ok

Sorry to be a pain

[DrByte]

Be warned that overriding that warning by turning off the alert does *not* protect the file from security risks. If you believe the file is safe, you can follow the instructions and warnings in this thread in order to suppress the warning message from being displayed.
http://www.zen-cart.com/forum/showthread.php?t=44721

[arthena]

Hi,

Many thanks for the info, I was wondering if anyone else using STREAMLINE had the same problem. Is there any other way to test the file to see what the setting for it is.

Regards

[DrByte]

That warning is telling you that PHP sees the file as writable.

As for Streamline, do a forum search for *streamline* (with the *'s) for some interesting reading.

[arthena]

Hi, sorry to go around in circles but when I check the properties through my FTP program and FTP control pannel it does state that it is set to 644.

I dont want to deactivate the message unless it is ok to do so

[Qdixon]

Heed our advice over your host's advice.

Some configurations need 444 and others 644.

If the shopping cart shows the red bar saying to increase your chmod for security, it is very important to do so.

Mine is always 444

[arthena]

Hi,

Streamline not very helpful with solving problem, but they did hint towards PuTTY and haypresto all is now good, Warning has gone.

[fr3spirit]

I also use STREAMLINE Grrrr I also had this message appear out of nowhere after being up online and fully functioning for two months! I think they tinkered at their end and it made it just appear. I submitted a support ticket to help fix the problem and all I got was a reply with a link to their tutorial that doesn't work like I needed it too. I have supressed the message so it doesn't show, while I wait for them to either do it for me or help me figure it out. Anyone reccomend a more helpful server service?