Requires wp-config.php permissions to be 777
This plugin works, but I discovered today that Quick Cache requires the permissions of wp-config.php to be set at 777. I found this out because I run some security tests and usually I run my set up prior to changing wp-config.php permissions. This time though I did it vice versa and Quick Cache said it need my wp-config.php to be set at 777.
This is a security risk as the permissions 777 not only allow others on your server to read an important file but also permissions to change it. Being able to read it is just bad enough because wp-config.php contains your database name, database password and database user that your whole wordpress needs to run.
WordPress.org says “All files should be 644 or 640. Exception: wp-config.php should be 600 to prevent other users on the server from reading it.”
Read more half way down the page under “Shared Hosting…” @ http://codex.wordpress.org/Changing_File_Permissions
I won’t be using this plugin until an update is released because of the security issue.
- The topic ‘Requires wp-config.php permissions to be 777’ is closed to new replies.