• Hello,
    When running WordPress on a cPanel server, Wordfence sets the file permissions to 600. The files are owned by the user and the Apache server runs as the “nobody” user, hence it doesn’t have access to read these files again. Is this intended?

    /…/public_html/wp-content/wflogs/ips.php
    /…/public_html/wp-content/wflogs/attack-data.php
    /…/public_html/wp-content/wflogs/config-synced.php
    /…/public_html/wp-content/wflogs/config-livewaf.php
    /…/public_html/wp-content/wflogs/config-transient.php
    /…/public_html/wp-content/wflogs/config.php

Viewing 2 replies - 1 through 2 (of 2 total)
  • Hi @xefix,

    600 is the default permission for files on a Unix-based system. It states that only the owner has read/write access.

    This means that if the wflogs folder does not have the owner set as apache (www-data), Wordfence will be unable to access the files within the wflogs folder.

    Dave

    Thread Starter xefix

    (@xefix)

    Hello Dave,

    The setup that I’m talking about: we have a cPanel setup with multiple users.
    The files under …/user-account/public_html are owned by the user:user (755 for directories and 644 for files), and this is the default setup for cPanel.
    The Apache/PHP processes run under the “nobody” user (www-data, same thing).
    The files created by WordPress (cache files, images, etc.) are created with 644 permissions (the umask that the PHP process is using) – this works as intended.

    The Wordfence plugin is explicitly setting the file permissions to 600 – and I am assuming that the plugin is ignoring these files and rewriting them on every page load – which I am not sure is the intended behaviour (if the plugin works correctly for websites that are hosted on cPanel).
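
The permission question discussed in this thread, as an added example that is not part of the original posts and not Wordfence's code: a classic POSIX mode-bit check (ACLs ignored) that lists which files in a directory a second account cannot read. The directory contents, the `cache.html` file name and the uid/gid values are constructed for the demonstration.

```python
import os
import stat
import tempfile

def can_read(mode, file_uid, file_gid, uid, gids):
    """Classic POSIX read check (no ACLs): exactly one permission class applies."""
    if uid == 0:                      # root bypasses mode bits
        return True
    if uid == file_uid:               # owner class only, even if "other" is wider
        return bool(mode & stat.S_IRUSR)
    if file_gid in gids:              # group class
        return bool(mode & stat.S_IRGRP)
    return bool(mode & stat.S_IROTH)  # everyone else

def audit(directory, uid, gids):
    """Return sorted names of regular files in `directory` that `uid` cannot read."""
    blocked = []
    for entry in os.scandir(directory):
        st = entry.stat(follow_symlinks=False)
        if stat.S_ISREG(st.st_mode) and not can_read(
                st.st_mode, st.st_uid, st.st_gid, uid, gids):
            blocked.append(entry.name)
    return sorted(blocked)

def demo():
    """Build a constructed wflogs-like directory and audit it for two accounts."""
    with tempfile.TemporaryDirectory() as d:
        samples = (("ips.php", 0o600), ("config.php", 0o600), ("cache.html", 0o644))
        for name, mode in samples:
            path = os.path.join(d, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)
        st = os.stat(os.path.join(d, "ips.php"))
        # Hypothetical web server identity: any uid/gid other than the file owner's.
        web_uid, web_gids = st.st_uid + 1, {st.st_gid + 1}
        return audit(d, web_uid, web_gids), audit(d, st.st_uid, {st.st_gid})

if __name__ == "__main__":
    as_web, as_owner = demo()
    print("unreadable by web server account:", as_web)
    print("unreadable by owning account:", as_owner)
```

To audit a real directory, call `audit()` with its path and the uid and group ids of the account the PHP process runs as.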


The topic ‘Wordfence files permissions’ is closed to new replies.