WordPress.org

Forums

Ultimate Security Check
[resolved] Bug in wp-config.php permission check (4 posts)

  1. frasten
    Member
    Posted 4 years ago #

    Hi, my wp-config.php has 400 permissions, but this plugin says that it is not secure, because, looking at its source, it checks for 640 permissions (but I really don't want to make it writable).

    http://wordpress.org/extend/plugins/ultimate-security-check/

  2. frasten
    Member
    Posted 4 years ago #

    Again, why should be .htaccess set to 644? And wp-content 777?
    I think that .htaccess should be set to 444 and wp-content to 755, to provide a more secure setup.

  3. bsndev
    Member
    Plugin Author

    Posted 4 years ago #

    hi fasten,
    thanks for your response! You're right, I need to extend the cheks and make sure file has same or less rights, but not more.

    I agree people need to have more secure setup, but a lot of ftp servers don't allow remove write access to files for file owner, so people won't be able to make those rights and get A grade.

    For now all checks are done according to wordpress article. So you can checkout that article.

  4. frasten
    Member
    Posted 4 years ago #

    You're right, I've read that article. Thank you for your kind answer.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic