WordPress.org

Ready to get started?Download WordPress

Forums

wp-config.php (11 posts)

  1. mehtuus
    Member
    Posted 2 years ago #

    I just found out the hard way that you always want to have a backup of your wp-config.php file. I was messing with the WP Security Scan plugin and it caused the file to become inaccessible even through FTP. It did however allow me to delete it, but it totally reset the website. DOH! Live and learn.

  2. WebsiteDefender
    Member
    Posted 2 years ago #

    We are really sorry for that inconvenience :(

    The 3.0.3 version of the plug-in has fixed that error.

  3. Rev. Voodoo
    Volunteer Moderator
    Posted 2 years ago #

    I just found out the hard way that you always want to have a backup of your wp-config.php file.

    Just to strengthen the point, you should always have a backup of ALL files, and your database. Things can do wrong, and if they do, it'd be terrible to lose all your content

  4. GRAQ
    Member
    Posted 2 years ago #

    How do you manage to make a file only deletable? I can't imagine permission settings that will allow delete but not read. And if the site was still running, then the file was being read.

  5. You don't. Generally speaking, if a file can be written to, it can be erased or deleted.

    However, when it comes to reading a file, it depends who needs to read it :) the wp-config.php file can be limited more than others.

    If you use Unix, then all files from WP should be 644 or 640, except for wp-config.php, which should be 600 to prevent other users on the server from reading it.

  6. mehtuus
    Member
    Posted 2 years ago #

    Just to strengthen the point, you should always have a backup of ALL files, and your database. Things can do wrong, and if they do, it'd be terrible to lose all your content.

    After *this* experience, point well taken. The only real plus to this situation is that this happened to a new site that didn't yet have any real content. I just had to reconfigure everything.

    How do you manage to make a file only deletable?

    Now I am wishing that I had taken a screenshot. Using FileZilla to access the server, it showed the permissions for that file as a five digit number. I don't remember all of the numbers, but it was something like this: 012xx. The "x" digits are the numbers that I don't recall.

    For me this was a really weird situation. I could not download the file (which included 'view/edit'), rename it, or change it's permissions. According to FZ none of the permissions check boxes were checked. I did not try to move the file. But when I hit the delete button the file went bye-bye. I had to do something because the site was down because of it. The moment I deleted the file site was functioning again and WP prompted to create a new wp-config.php file. At this point reconfiguring commenced...

  7. For me this was a really weird situation. I could not download the file (which included 'view/edit'), rename it, or change it's permissions.

    Ah, that I can explain :) There are two parts to permissions:

    1) Ownership
    2) Permissions

    In MANY cases, your PHP install can be set to create files owned by 'nobody', which means you cannot read, download or right to them. When THAT happens, you go grab your host and say 'Dude, fix this.'

  8. mehtuus
    Member
    Posted 2 years ago #

    In MANY cases, your PHP install can be set to create files owned by 'nobody', which means you cannot read, download or right to them. When THAT happens, you go grab your host and say 'Dude, fix this.'

    Thanks for that info! At least now I am aware of a less volatile direction in which I can go if this sort of thing happens again.

    I had no idea that php on a shared host was capable of performing such a brain-dead operation, but now I know otherwise. My crappy host does not allow me to make any changes to my php. It only allows me to view its' settings, so my php being able to do this would be a setting that they have set for me by default.

  9. tod7
    Member
    Posted 2 years ago #

    I've moved my wp-config.php file, based on the advise given by wordpress.org itself.
    Will this plugin still be able to interact even if it's outside of the wp install?

  10. which plugin, tod?

    And to where did you move it?

  11. mehtuus
    Member
    Posted 2 years ago #

    I am guessing that he is referring to the WP Security Scan plugin that I mentioned in the first post.

    @tod7:
    Are you able to link to the conversation from wordpress.org itself that advised you to move the wp-config.php file?

    Also as Ipstenu asked above, to where did you move the file?

Topic Closed

This topic has been closed to new replies.

About this Topic