Support » Plugin: WP Security Safe » Bad to 644 then after a while back to bad

  • Resolved rosalie23

    (@rosalie23)


    I have an issue: my images are not showing on my media or even anywhere on my website. That’s why I used this plugin to check and change the file permissions of my uploads folder. There I saw that there’s a file in the fm_backup named index.file that is in a bad state, so I changed it to 644 and updated the file permissions, but then after a while, just refreshing the page, when I check it again it goes back to the bad state. What should I do? My WordPress version is 5.4.2.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor Steven Ayers

    (@stevenayers63)

    @rosalie23,

    That file is not a typical filename (index.file) which makes me suspicious of its purpose. After a quick Google search on my part for “fm_backup”, all the results included a plugin called WP File Manager. So, I am assuming that this file is associated with this plugin.

    If the file is intentionally being set by this plugin in a less secure state (higher permissions than 644), then there must be a reason for this. I would reach out to the plugin developer and ask them if it is their file and why the permissions are insecure. If the file “index.file” is NOT associated with the plugin WP File Manager, then I would consider deleting the file.

    If the file’s permissions keep getting returned to a bad state, then something is changing it to that or WP Security Safe doesn’t have permission to change the permissions of that file. Usually you will be shown an error if WP Security Safe doesn’t have permission. Having said all this, if the WP File Manager is not responsible for this file, then you may have a bigger issue here. The only reason to have a file with higher permissions than 644 is for an external entity (a visitor or another website) to be able to modify the file remotely, which is not good. Files with insecure permissions are typically used as backdoors to your website.

    WARNING: Do this at your own risk: Before you delete it, you may want to try viewing the file to see what it is. A “.file” extension is not typically recognized by Apache and possibly not NGINX either, thus when you attempt to view the file, you will likely end up just downloading it. If that happens, try opening it up with a text editor. By opening the file in a text editor you may see a copyright notice that will give you some sort of idea what the file is associated with and if you need it or not. If the file is empty or just contains gibberish, then the file is encoded or encrypted beyond plain text.

    SIDE NOTE: WP File Manager is a cool plugin. I use it myself a few times per year. However, I only use it as a last resort. I use it to gain temporary access to files on a website that I don’t have FTP access to. When you are not using this plugin, disable or delete it. This plugin is powerful and in the wrong hands a simple mistake could take down your site. If you were to edit a PHP file using this plugin and you accidentally introduce a PHP “Fatal Error” when editing a PHP file, then your website will not load. To add insult to injury, if the fatal error happens in the admin area as well, you will not be able to load this plugin again to undo the issue. Basically, you accidentally shot yourself in the foot and now will have to connect via FTP to fix the error or contact your hosting support for help. To prevent this kind of situation from happening, use the file manager in your hosting account (cPanel) or use an FTP client to move or edit files.

    I hope all this was helpful,

    – Steven
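
The checks discussed in the reply above (which files are looser than 644, whether a corrected file has been loosened again, and what the file holds when read without executing it) can be scripted. This is an added example, not part of the thread and not WP Security Safe's code; the function names are hypothetical, the directory tree is constructed in a temp folder, and "looser than 644" is assumed to mean any permission bit that 644 does not grant.

```python
import os, stat, tempfile

BASELINE = 0o644  # mode the thread treats as the secure state for files

def excess_bits(mode, baseline=BASELINE):
    """Permission bits set in `mode` that `baseline` does not grant."""
    return stat.S_IMODE(mode) & ~baseline

def audit(root, baseline=BASELINE):
    """Return {relative path: mode} for regular files looser than baseline."""
    found = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow a symlink out of the tree
            if stat.S_ISREG(st.st_mode) and excess_bits(st.st_mode, baseline):
                found[os.path.relpath(path, root)] = stat.S_IMODE(st.st_mode)
    return found

def reverted(earlier, fixed, now):
    """Paths flagged earlier, clean right after the fix, and flagged again now."""
    return sorted(p for p in now if p in earlier and p not in fixed)

def peek(path, limit=512):
    """Read the first bytes without executing or rendering the file."""
    with open(path, "rb") as fh:
        head = fh.read(limit)
    texty = sum(b in (9, 10, 13) or 32 <= b < 127 for b in head)
    return {"empty": not head,
            "mostly_text": bool(head) and texty / len(head) > 0.9,
            "php_open_tag": b"<?php" in head}

def demo():
    """Constructed tree: fm_backup/index.file starts at 666, photo.jpg at 644."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "fm_backup"))
    target = os.path.join(root, "fm_backup", "index.file")
    for path, mode in ((target, 0o666), (os.path.join(root, "photo.jpg"), 0o644)):
        with open(path, "wb") as fh:
            fh.write(b"constructed sample content\n")
        os.chmod(path, mode)
    earlier = audit(root)
    os.chmod(target, 0o644)   # the correction the poster applied
    fixed = audit(root)
    os.chmod(target, 0o666)   # simulate whatever puts the loose mode back
    now = audit(root)
    return earlier, fixed, reverted(earlier, fixed, now), peek(target)

if __name__ == "__main__":
    for part in demo():
        print(part)
```

A path returned by `reverted` means the mode change succeeded and was later undone, which separates "something is changing it back" from "the change never took effect".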

    Plugin Contributor Steven Ayers

    (@stevenayers63)

    @rosalie23 I am following up to see if you still need help with this issue. Please reply to this comment.

    -Steven

    Plugin Contributor Steven Ayers

    (@stevenayers63)

    @rosalie23 here is a recent article regarding a WP File Manager plugin vulnerability: https://www.zdnet.com/article/wordpress-file-manager-bug-causing-full-website-takeover-exploited-in-the-wild/ This could possibly be related to your situation. Be sure to update that plugin to the latest version regardless.

    I am going to close this support ticket due to no response. If you need further assistance, please open a new support ticket.

    Plugin Contributor Steven Ayers

    (@stevenayers63)

    Topic closed due to no responses.

  • The topic ‘Bad to 644 then after a while back to bad’ is closed to new replies.