I've been to hardcore locking down services/php/wordpress (6 posts)

  1. angrywarrior
    Posted 3 years ago #

    Hmm oh well it nice with security but it looks like I've actually been to hardcore locking down services/php/wordpress on my windows 2003 server. Before I made all changes this night I had no issues at all downloading plug-ins straight through the dashboard, but now I am asked for ftp login to my ftp server:

    To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

    Any ideas on what is controlling this part/blocking WP from accessing the internetz?

    Thanks a bunch!

  2. Bas Schuiling
    Posted 3 years ago #

    The problem is not the connection to the internet but the inability for WordPress to write to certain directories, most notable the plugin directory and the temporary directory. You will need the HTTP server user write access to those.

  3. angrywarrior
    Posted 3 years ago #

    Aha!!! Awesome :-)

    the temporary directory

    That does rings a bell I'd think - I have not set the open_basedir in php.ini to allow the ยด%temp% in windows for php.I do not know though if that is a good idea? Anyway, maybe that is the solution..

    Thanks for giving me a lead to start with.

    I'll try to check and give a status if that work.

  4. Bas Schuiling
    Posted 3 years ago #

    Good luck :) Notice that the next time you try to auto-update your WordPress installation the same will happen if the WordPress files are not writeable, so you'll know where to look ;)

  5. angrywarrior
    Posted 3 years ago #

    Super fab so far!! :-)

    Well so it turns out that it wasn't the directory restriction in open_basedir that was blocking the downloads, or any faulting security permissions setting on files/folder for the ISR_ / Network Service blocking WP from accessing files.

    It was my policy for Security Configuration Wizard that was way to strict and was blocking/had shut down ports. I reverted the policy back to the old settings and POOF! - everything worked again :-)

    I haven't really figured out yet what ports that was blocked and my top suspect is that it was the ftp ports, since my ftp server wasn't accessible either. Neither from the Internetz or by local (LAN) connection or through the Administration tool. I've been googgling a bit and done some fast research and I'm now under the impression after reading a bit that WordPress uses the built in PHP ftp function to communicate with wordpress.org when trying to download plug-ins and such?

    Am I on the totally wrong side of track here with that theory?


    Oh.. .by the way does anyone happen to know what executable PHP uses for ftp connections - it isn't the php.exe itself - is it??

    The ting is that I need to make and exception for that process responsible for WordPress's ftp connections in my security policy so can run a tight ship. It would be AWESOME to get the part straight also!

    Thanks a lot in advance.

  6. angrywarrior
    Posted 3 years ago #

    Digging a bit further...

    Is the ftp.exe located in %systemroot%\System32 folder that is the guilty one - in other words the process responsible for the connections that PHP/WordPress uses when "calling home" and starts downloading/"core" updates of the cms itself?

Topic Closed

This topic has been closed to new replies.

About this Topic