lordandy1984,
the file is touched by wp-cron and if wp-cron is triggered from server cron with PHP the file may end up with incorrect ownership.
Hi wfasa, thanks for the update, “touching” normally should not change the ownership, nevertheless the issue did not happen again. Maybe it is just happening after updates, if the file gets deleted/recreated by a cron or similar.
Crons should always be run as the server user (not called by PHP) as WordPress Suggests, that’s why this might cause issues as the server user basically does/should not have access to the PHP files.
I agree lordandy1984. Sorry for the incorrect usage of the word “touch” I meant that in layman’s terms.
Going along with what lordandy1984, the solution is the executive the crontab job as the user for that public_html.
So let’s say your user is inside /home/lordandy1984/public_html
Then let’s add your user in the cronjob.
* * * * * lordandy1984 /usr/local/bin/php /home/lordandy1984/public_html/wp-cron.php
You can change the php location to what your server needs, but just simply add the username after your timing rule. Seems to work and fix my issue.
If you run wp-cron.php via curl instead of PHP directly the owner and permissions will stay intact.
Hi,
we have the same problem. What should we do??
Noticed that “Unable to open /var/www/html/wp-content/wflogs/config.php for reading and writing.” has again reared its ugly head just the last few days. Action to be be taken?
Sorry. Should’ve noted versions: WordPress 4.7.2, Wordfence 6.2.10
The file permissions are changed whenever someone goes to the site. Here’s the process below. I first run a script that fixes the permissions and list the directory. Then I go to home page. Then I list the directory again. Permissions are changed simply by going to the page. The cron has been flagged before but that’s just because it loads a file every X minutes. I don’t think the cause is the cron itself. I’ve also disabled the cron to prove the point here.
[root /home/username/public_html]# fixperms username; dir /home/username/public_html/wp-content/wflogs/
Setting ownership for user username
Setting permissions for user username
total 188
drwxr-xr-x 2 username username 4096 Mar 3 18:03 .
drwxr-xr-x 7 username username 4096 Mar 3 13:29 ..
-rw-r--r-- 1 username username 40960 Feb 27 03:14 attack-data.php
-rw-r--r-- 1 username username 0 Feb 27 03:27 config.php
-rw-r--r-- 1 username username 133 Feb 7 14:20 .htaccess
-rw-r--r-- 1 username username 7051 Feb 27 03:14 ips.php
-rw-r--r-- 1 username username 87671 Feb 21 14:35 rules.php
-rw-r--r-- 1 username username 39141 Feb 21 14:35 wafRules.rules
[root /home/username/public_html]# dir /home/username/public_html/wp-content/wflogs/
total 188
drwxr-xr-x 2 username username 4096 Mar 3 18:03 .
drwxr-xr-x 7 username username 4096 Mar 3 13:29 ..
-rw-rw---- 1 username username 40960 Feb 27 03:14 attack-data.php
-rw-rw---- 1 username username 0 Feb 27 03:27 config.php
-rw-r--r-- 1 username username 133 Feb 7 14:20 .htaccess
-rw-rw---- 1 username username 7051 Feb 27 03:14 ips.php
-rw-rw-r-- 1 username username 87671 Feb 21 14:35 rules.php
-rw-r--r-- 1 username username 39141 Feb 21 14:35 wafRules.rules
Hi,
In most cases like this it’s not the read-write-execute permissions that are the problem but the owner and group. If the folder and files are created by a user that belongs to a different group than another user who then tries to modify a file, you will get a permissions error.
The solution to this is to make sure WordPress always runs under the same user. If you trigger wp cron via a server side cron job, this may not be the case. To fix that, make sure the server side cron job runs via curl or wget.
Changing permissions manually should not be necessary. Delete the wflogs folder, then visit any page on your WordPress site. The wflogs folder will now be recreated and it will be owned by the user that WordPress is running as.
Hello Wfasa,
Thank you for all that you do to help myself and others. I shut off the cron in wp-config.php file as well as the server-side cron to eliminate that as a possible cause of the problem, and to lend a hand in diagnosing the issue.
All it takes is someone visiting the home page and the permissions change as well as errors showing up in the error_log.
I will try to deleting the wflogs directory and see what happens but if it’s recreated the same as before, I expect that the results will also be the same.
