WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] wp-content/blogs.dir/1/ permissions got set to 0 ?? (12 posts)

  1. lagi
    Member
    Posted 3 years ago #

    Is this a .htaccess situation? How can I modify the permissions back to something like 775? I don't have shell access on the account.

    The result of the 0 permissions is of course that all images and uploaded files are not appearing on the site. They can't be read.

  2. James
    Happiness Engineer
    Posted 3 years ago #

    Access your server via FTP or SFTP and use that to change the permissions on the directory.

  3. lagi
    Member
    Posted 3 years ago #

    I don't have shell access. And attempts to change permissions via ftp access only result in "access denied" since the access is set to 0. I even created a php file:

    <?php
    chmod("folder location redacted here", 0755);
    ?>

    running this php file serverside still gave back: "Operation not permitted"

    Any clue as to how this happened??

  4. James
    Happiness Engineer
    Posted 3 years ago #

    I don't have shell access. And attempts to change permissions via ftp access only result in "access denied" since the access is set to 0.

    In that case, you'll have to contact your hosting provider.

    Any clue as to how this happened??

    Just about anything from a long list of "maybes," including (but not limited to) rogue plugin, server-wide change, rogue server-side script, etc.

  5. lagi
    Member
    Posted 3 years ago #

    Thank you for your help. I've already sent a request to the hosting provider.

    Only plugin is DMS guestbook. Your other options would imply a malicious hack? Can I modify .htaccess to fix this? I've copied its contents below.

    One last question: why does the 3.0+ versions of wordpress use this /blogs.dir/1/ structure? Old structure (uploads folder organized by year and month) seemed much more straightforward.

    .htaccess existing contents:

    RewriteEngine On
    RewriteBase /

    #uploaded files
    #RewriteRule ^(.*/)?files/$ index.php [L]
    #RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*
    #RewriteRule ^(.*/)?files/(.*) wp-includes/ms-files.php?file=$2 [L]

    # add a trailing slash to /wp-admin
    RewriteCond %{REQUEST_URI} ^.*/wp-admin$
    RewriteRule ^(.+)$ $1/ [R=301,L]

    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule . - [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-.*) $2 [L]
    RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
    RewriteRule . index.php [L]

    <IfModule mod_security.c>
    <Files async-upload.php>
    SecFilterEngine Off
    SecFilterScanPOST Off
    </Files>
    </IfModule>

  6. lagi
    Member
    Posted 3 years ago #

    What is also weird is that some of the files located in that directory are able to be read while others are not.

    ex. http://justiceformydad.com/wp-content/blogs.dir/1/files/2010/05/Pic-1.jpg

    appears fine in the post and is downloadable.

    But

    http://justiceformydad.com/wp-content/blogs.dir/1/files/2010/09/Eid-Appeal-to-HH-page-1.jpg

    is not. You can save file as but it only downloads a text version of the 404 error page.

    They are both inside of this mystery folder with 0 permissions into which I cannot browse via FTP.

  7. tdjcbe
    Member
    Posted 3 years ago #

    I know you've said you've contacted your host but I have a feeling that this was something that they did. When there's a security issue on a server, it's common for someone with root access to go in, set permissions to zero, and wait for the client to notice something's up and contact them.

    I have a feeling that you're able to see the directory within a control panel like CPanel. Many of those panels run as a root user. That's probably why you can see it here but not as ftp. Your ftp user is at the same level as your user account.

  8. I agree with tdjcbe here, likely the host did something to reset permissions. even a routine upgrade.

  9. lagi
    Member
    Posted 3 years ago #

    It's visible in both FTP and CPanel. But in neither are the subfolders visible and in neither can permissions be changed.

  10. Then you absolutely have to contact your webhost.

  11. lagi
    Member
    Posted 3 years ago #

    ANSWER:

    It turns out that the webhost had set the permissions to 0 intentionally in response to a letter from a lawyer. Crazy world. Now I have a taste of what wikileaks and torrent sites must go through all the time...

    I'm doing this work (fixing up the WP theme, etc.) as a favor to a friend. It never occurred to me that someone would have threatened his webhost and that they would have done this action to his account. I thought I was going crazy or had inadvertently done something horribly wrong. The friend has been framed/targeted and is serving an unjust sentence. That is what the site is set up for - to show the facts of the case to the public. Some don't want the facts known....

    Thanks all for your advice.

  12. tdjcbe
    Member
    Posted 3 years ago #

    Bingo. Glad you got it worked out.

Topic Closed

This topic has been closed to new replies.

About this Topic