Ken_Shea Posted February 1, 2019 Share Posted February 1, 2019 I am able to write to the configuration file: /home/public_html/catalog/includes/configure.php. This is a potential security risk - please set the right user permissions on this file. What would be the proper permissions? Set it to 0755 (was 0644) with no change in warning. Thanks Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 I normaly set that to 0444 It is also important to set this using your cPanel rather than ftp. Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 Thanks, in cPanel now. Any others that should be 0444? Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 Yes both the config should be set to 0444 you have on in admin as well, I also set this for any other file I don't want people to mess with. Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 Also see whe n the security check was run a notice that some database file tables need set to UFO- 8 but when checked all are set to that, can this be ignored? Thansk Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 what version are you using? Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 4 minutes ago, JcMagpie said: Yes both the config should be set to 0444 Where is the other config located? Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 admin/includes/ Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 1 minute ago, JcMagpie said: what version are you using? OSC v2.3.4.1 BS EDGE Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 Ah well your running a developmet version! That could be in any state. I would run the table check and then table repair and see what you get. Link to comment Share on other sites More sharing options...
Hotclutch Posted February 1, 2019 Share Posted February 1, 2019 Do you mean UTF8? It's normally the old addons that have these kind of tables. There's an option at the bottom where you can try to convert the collation to UTF8. Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 No change after doing what you suggested. Only file in admin dir PayPal.php no directories and no config Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 Just now, Hotclutch said: Do you mean UTF8? It's normally the old addons that have these kind of tables. There's an option at the bottom where you can try to convert the collation to UTF8. LOL, UFO , yes it was supposed to be UTF8, I'll give that a try Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 Running the convert took care of that warning, thanks much guys, all green now. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 5 minutes ago, Ken_Shea said: Only file in admin dir PayPal.php no directories and no config Not posiable, admin/includes/configure.php Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 any file that contains sensative data like passwords or card details should be 0444 and also protected by password. Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 This is where I am looking, in the admin dir, only file there is PayPal.Php public_html/catalog/admin Link to comment Share on other sites More sharing options...
MrPhil Posted February 1, 2019 Share Posted February 1, 2019 The warning to use cPanel (any control panel, not necessarily the cPanel(tm) product) is because most servers nowadays simply ignore chmod requests from FTP (a security exposure). People try to set permissions via FTP and are puzzled because the permissions didn't seem to change. Ken, if you're that fuzzy about what's going on, "Edge" may not be a good choice for you. If this is a fresh install, you should probably be using "Frozen" instead, which is stable. Edge is still under development and can change from week to week (is unstable). If you're not an experienced programmer, you should avoid it. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 not posiable you must be in wrong directory Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 2 minutes ago, MrPhil said: The warning to use cPanel (any control panel, not necessarily the cPanel(tm) product) is because most servers nowadays simply ignore chmod requests from FTP (a security exposure). People try to set permissions via FTP and are puzzled because the permissions didn't seem to change. Ken, if you're that fuzzy about what's going on, "Edge" may not be a good choice for you. If this is a fresh install, you should probably be using "Frozen" instead, which is stable. Edge is still under development and can change from week to week (is unstable). If you're not an experienced programmer, you should avoid it. I never use FTP, so thatr's a moot warning. Al little late for that MrPhil LOL, BTW it's the version you suggested back when Of course I'm fuzzy about whats going on, you were too at one point, 95% of the people posting are fuzzy about OSC Link to comment Share on other sites More sharing options...
MrPhil Posted February 1, 2019 Share Posted February 1, 2019 Since Gary froze a snapshot of "Edge" as "Frozen", I've been recommending "Frozen" for those who want a stable, working shop. Before that, there was only "Edge", so that's what I recommended. As you're obviously still in startup on this thing, you should consider reinstalling with Frozen, as Edge is quite unstable. But, the choice is yours. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 1 minute ago, MrPhil said: Edge is quite unstable Nothing unstabe about edge in anyway ,shape or form! It's just work in progress. Link to comment Share on other sites More sharing options...
MrPhil Posted February 1, 2019 Share Posted February 1, 2019 It's "unstable" in the sense that Gary can change it radically from day to day, not that it's not working or likely to blow up. It's a test bed, not really something to base a production shop on. To each his own... Link to comment Share on other sites More sharing options...
Ken_Shea Posted February 1, 2019 Author Share Posted February 1, 2019 46 minutes ago, JcMagpie said: not posiable you must be in wrong directory Ill look closer. Link to comment Share on other sites More sharing options...
♥JcMagpie Posted February 1, 2019 Share Posted February 1, 2019 paypal.php is found it 3 places in admin. admin/ admin/includes/boxes/ admin/includes/languages/engish/moduels/boxes/ you need to be looking in admin/includes/ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.