WordPress.org

Ready to get started?Download WordPress

Forums

Smart Update Pinger security question (2 posts)

  1. doubledubs
    Member
    Posted 8 years ago #

    Here are the install instructions:

    Installation

    1. Download the zip archive
    2. Extract the PHP file from the archive
    3. Put it in your wp-content/plugins directory
    4. Make sure WordPress/PHP can write to the wp-content directory (chmod 777)

    Isn't number 4 rather foolhardy? Why would I wany to give the enitre world access to my wp-content folder?

    CHMOD set to 755 - plugin does not work
    CHMOD set to 777 - plugin works.

    I'm guessing someone out there knows the answer to this, or is setting the wp-content folder to 777 just fine? (I changed it back to 755 for now until I get an answer)

    Thanks!!!

    -Dubs

  2. jrawle
    Member
    Posted 8 years ago #

    The only reason it needs this is to write the logfile.

    I guess he says to use 777 as it's sure to work on all installations. 775 would work on my server as files belong to the "webserver" group.

    Like you, I'd prefer my wp-content not to be writeable. So I created an empty text file in wp-content called smart-update-pinger.log and made just that file writeable. The plugin now works fine.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.