hwo can i block the warning messege which i have set the permissions to 444

[ashcn2001]

terrible i installed zen cart to the server and delet the installation folder in the server and set the permission to 444 but the warining informaiton was still showing  like this

Warning: I am able to write to the configuration file: /services/webpages/a/a/aariss.com/public/shop/includes/configure.php. This is a potential security risk - please set the right user permissions on this file (read-only, CHMOD 644 or 444 are typical). You may need to use your webhost control panel/file-manager to change the permissions effectively. Contact your webhost for assistance.

i check it many times and i am sure configure.php is seted to 444, but it still showing the warning message, can i find a way to delet the waring messge somewhere?? and how to delete    thank you~~~~


 


chinese music  enjoy

[The Tavern Wench]

There is no way to delete the warning message. If you have changed the includes/configure.php file permissions back to 444 and it's still not working, contact your host.  It's something they have to do on their end.

 

[ashcn2001]

sorry to reply you late , i am a little busy those days . and i have find a way to delet it , find the file \zen cart\includes\init_includes\init_header.php and delet the informaiton:
// check if the configure.php file is writeable
if (WARN_CONFIG_WRITEABLE == 'true') {
  if ( (file_exists(dirname($_SERVER['SCRIPT_FILENAME']) . '/includes/configure.php')) && (is_writeable(dirname($_SERVER['SCRIPT_FILENAME']) . '/includes/configure.php')) ) {
    $messageStack->add('header', WARNING_CONFIG_FILE_WRITEABLE, 'warning');

then everything will be good

[The Tavern Wench]

sorry to reply you late , i am a little busy those days . and i have find a way to delet it , find the file \zen cart\includes\init_includes\init_header.php and delet the informaiton:
// check if the configure.php file is writeable
if (WARN_CONFIG_WRITEABLE == 'true') {
  if ( (file_exists(dirname($_SERVER['SCRIPT_FILENAME']) . '/includes/configure.php')) && (is_writeable(dirname($_SERVER['SCRIPT_FILENAME']) . '/includes/configure.php')) ) {
    $messageStack->add('header', WARNING_CONFIG_FILE_WRITEABLE, 'warning');

then everything will be good

IF you haven't changed the file permissions back to 444 then everything IS NOT GOOD.
Just deleting the warning message is not the solution to your problem.

If your configure.php file is set any higher than 444, anyone can hack into your site.

The reason I said contact your host was so they could verify the file permissions were correctly changed to 444.  Sometimes you may think you have them changed, but they really aren't.