Another permissions question

  • Resolved jofoco4

    (@jofoco4)


    14 years, 7 months ago

    (I beg your patience. I’ve looked at other questions regarding this issue, but don’t have the knowledge base to apply those discussions to my situation.)

    Each time I make a modification to a custom skin, and overwrite the previous copy, the file permissions on that CSS file are changed from 644 back to 666.

    My security application then catches the change and sends me a warning that I need to change the permissions back to 644. I change them back, and the next time I apply an edit, the loop repeats.

    I’m running my copy of WordPress within my domain; my site is not being hosted by WordPress.

    This circumstance seems to be related to whether I’m updating my files via FTP, and I can’t answer that question. All I do is log onto the appropriate directory in my domain, and conduct all changes through the wp-admin screen.

    Does the fact that I’m hosting my version of WP mean I’m updating via FTP? And if so, is there really a vulnerability if my permissions keep getting reset to 666?

    Thank you for helping clarify!

    John

Viewing 5 replies - 1 through 5 (of 5 total)
  • Clayton James

    (@claytonjames)

    14 years, 7 months ago

    Each time I make a modification to a custom skin, and overwrite the previous copy, the file permissions on that CSS file are changed from 644 back to 666.

    What is your editing process? Are you using the built in WordPress editor, editing the files directly from inside an ftp client, editing using the file manager in your hosts control panel, or editing files locally and then re-uploading by ftp?

    Does the fact that I’m hosting my version of WP mean I’m updating via FTP?

    If you use an ftp client to edit, upload, or re-upload your locally edited files, the answer to that question would be yes.

    Thread Starter jofoco4

    (@jofoco4)

    14 years, 7 months ago

    Thanks for the reply! I appreciate your expertise.

    I’m using the built in WordPress editor. I log onto my site’s subdirectory through wp-admin and use all the tools available through that interface. I purchased a theme, and so this specific edit of the skin is made through the admin portal provided by that theme.

    My site was previously just a collection of PhP and CSS files, requiring me to FTP the files back and forth from my server and doing all the editing on my workstation. So I believe I understand the distinction you’re making.

    The only time I’m having to use my FTP client is to change the permissions.

    I hope this clarifies.

    Thanks again!

    Jed

    Clayton James

    (@claytonjames)

    14 years, 7 months ago

    I’m using the built in WordPress editor.

    I thought that might be it. When you use the built in editor, the files you are editing need to have permissions that will allow WordPress to write to them so that you can save your changes. This article from the Codex explains it much better than I can. Using the Theme Editor and Plugin Editor > File Permissions

    The only time I’m having to use my FTP client is to change the permissions. I hope this clarifies.

    It sure does, thank you! …And you already seem to be doing exactly the correct thing to make the WordPress editor work properly for you. The only down side is that when you are done editing, you must go back and reset the permissions to 644, as you have already discovered. It’s always best to set them back to safer permissions when you are done editing.

    Thread Starter jofoco4

    (@jofoco4)

    14 years, 7 months ago

    Can’t thank you enough for the guidance. I’ll review the reference you indicate. It looks like it will do the trick. And in the end, it’s an easy enough bit of housekeeping to check the permissions after an editing session.

    All best,

    Jed

    Clayton James

    (@claytonjames)

    14 years, 7 months ago

    You’re welcome!

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Another permissions question’ is closed to new replies.