• Resolved Tareq Hasan

    (@tareq1988)


    I’m getting this warning:

    
    WARNING: /Users/tareq/Development/htdocs/wordpress/web/app/plugins/sucuri-scanner/src/hardening.lib.php:98
    
    fopen(/Users/tareq/Development/htdocs/wordpress/web/wp//Users/tareq/Development/htdocs/wordpress/web/app/uploads/sucuri/.htaccess): failed to open stream: No such file or directory
    

    I’m using bedrock and seems like the htaccess method of hardening.lib.php is calculating the wrong folder where it’s checking the .htaccess file. It should be corrected.

    Also, when the server is running on nginx, can you not check that hardening rule?

Viewing 5 replies - 1 through 5 (of 5 total)
  • yorman

    (@yorman)

    Can you please answer these two questions?

    • Where are you seeing this warning? error_log or web page?
    • What version of the plugin is running in your website?
    • Can you open that file in your editor and check line 98?

    I ask this because the latest version of the code is using @fopen(). The [at] symbol before the function name forces the PHP interpreter to hide these warnings. Keeping this in mind, I believe you are either using an old version of the plugin where the [at] symbol is not present, or your web server is mis-configured and ignoring the [at] symbol to force the triggering of the warning.

    Also, when the server is running on nginx, can you not check that hardening rule?

    Nginx doesn’t makes use of access control files like “htaccess”.

    The plugin skips these checks if your website is served by Nginx.

    Tareq Hasan

    (@tareq1988)

    I’ve debug-bar installed, seeing the warning there.

    Running plugin version: 1.8.18

    I can see the @fopen() in the 98 line as well. I running valet locally, also can see the same error in production site.

    It tries to create storage folder on admin_init and fails. The Nginx checking isn’t there.

    Screenshot

    yorman

    (@yorman)

    I running valet locally, also can see the same error in production site.

    What’s “valet”?

    It tries to create storage folder on admin_init and fails.

    All of the operations that write on disk are using the [at] symbol in front of the function. That’s the standard in PHP to silence warnings when the PHP script has no permission to write on disk. There is nothing else we can do there to prevent the warnings, aside from adding more checks that at this point seem to be unnecessary.

    It is clear that your WordPress installation has different permissions than the one the PHP script is expecting. If you change the permissions of the directory that the plugin is trying to write to, you will probably fix the problems and the warnings will go away.

    Tareq Hasan

    (@tareq1988)

    You’re missing the whole point of this ticket, it’s getting the wrong folder. Look at the fopen() value of the topic, the ABSPATH and path to the .htaccess file is merged into one and that’s why getting the duplicated path.

    Don’t get me wrong, I’m just trying to help to get this error away.

    yorman

    (@yorman)

    Ah you are completely right, I missed that part.

    Thank you for the report, I will make the appropriate changes to fix this problem.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Wrong .htaccess folder path’ is closed to new replies.