.htaccess is writable

  • Resolved adcsi

    (@adcsi)


    5 years, 1 month ago

    Is it intentional, and does it mean a security issue that while I have this plugin enabled, the .htaccess file has 755 permission instead of 444?

    If I disable this plugin, the permission has to be set to 444 manually and it stays that way.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Amin Nazemi

    (@aminnz)

    5 years, 1 month ago

    Hello, This plugin is using .htaccess file to prevent access users to your “XMLRPC.php”.
    I will add some new features in the version, one of these features is changing your .htaccess file permission automatically to (444) read-only.

    Thread Starter adcsi

    (@adcsi)

    5 years, 1 month ago

    Thank you for the information.
    So this means it’s intentional and there’s nothing to worry about.

    Plugin Author Amin Nazemi

    (@aminnz)

    5 years, 1 month ago

    Yes, it’s intentional and you don’t need to worry about it.
    Other plugins using simple action to disable your xmlrpc it’s causing resource usage when a request is sent to your xmlrpc.php resources like CPU and RAM uses on the server but “Disable XML-RPC-API” will not use any resources to block the requests.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘.htaccess is writable’ is closed to new replies.