flyzone Posted January 4, 2014 Report Share Posted January 4, 2014 Hello there, I just moved from OpenX 2.8.10 to Revive 3.0.2 The process was smooth and all seems to work just fine except for locking down the conf.php file. With the FTP i changed /var/www.myserver.com.conf.php from 777 to 644 but when i log into the Revive back-end from the browser and i go into the admin area and modify the settings the system is reporting that the conf file is not locked and I should do so in order to secure it. I can modify each settings no problem. I modify the file permission several time just to see if it makes any difference but the system is still reporting the file as unlocked. Any suggestion? thanks A. Quote Link to comment Share on other sites More sharing options...
Erik Geurts Posted January 4, 2014 Report Share Posted January 4, 2014 When you changed the permissions of your config file in earlier versions, so before you upgraded to Revive Adserver, did you also see that the config file was still being reported as unlocked? If so, I suggest you contact your sysadmin or hosting provider and discuss with them. Quote Link to comment Share on other sites More sharing options...
flyzone Posted January 5, 2014 Author Report Share Posted January 5, 2014 Yes, in the old implementation of OpenX the file was set as 644 but the backend was reporting the file as locked. Quote Link to comment Share on other sites More sharing options...
andrewatfornax Posted January 5, 2014 Report Share Posted January 5, 2014 Works for me in my local setup. Are you definitely using www.myserver.com to access your installation, and not another URL? Quote Link to comment Share on other sites More sharing options...
flyzone Posted January 6, 2014 Author Report Share Posted January 6, 2014 yes, same root of the domain name I'm serving, and the conf is www.myserver.com.conf.php the server is sitting on httpdocs/adserver so the file is inside httpdocs/adserver/var Quote Link to comment Share on other sites More sharing options...
Guest Posted January 6, 2014 Report Share Posted January 6, 2014 With the FTP i changed /var/www.myserver.com.conf.php from 777 to 644 sometimes due to cache settings , file permission may not be changed . Now /var/www.myserver.com.conf.php is 644 ? Quote Link to comment Share on other sites More sharing options...
hdi-kw Posted January 6, 2014 Report Share Posted January 6, 2014 644 is still write permission for the owner of the file. If the owner is the same as the webserver user then it is not locked. Try 444 to lock this file and only allow read access to it. Quote Link to comment Share on other sites More sharing options...
flyzone Posted January 6, 2014 Author Report Share Posted January 6, 2014 Perfect. Changing to 444 will solve the issue. Thank you. Quote Link to comment Share on other sites More sharing options...
Erik Geurts Posted January 6, 2014 Report Share Posted January 6, 2014 Perfect. Changing to 444 will solve the issue. Thank you. Still, this doesn't explain why it used to work with 644 in the past, and not now. Quote Link to comment Share on other sites More sharing options...
flyzone Posted January 7, 2014 Author Report Share Posted January 7, 2014 If there's anyway I can help to solve the mystery with some info you can always contact me. Quote Link to comment Share on other sites More sharing options...
hdi-kw Posted January 7, 2014 Report Share Posted January 7, 2014 Still, this doesn't explain why it used to work with 644 in the past, and not now. If the old file had a different owner it would make sense. The owner of the file now must be the same user as the user that runs the webserver. If it is a multiuser system you should also change the permission of the file to 440 or even 400 so that not everyone with access to the server can read the configuration file with the DB password inside. Quote Link to comment Share on other sites More sharing options...
fritzgreen Posted May 13, 2014 Report Share Posted May 13, 2014 The conditional test in the isConfigWritable() method that checks the config file permissions in 3.0.4 uses is_writable(), which only checks whether PHP can write to the file or not. I don't know if the method has been rewritten in some recent update, but it would probably need to be modified to use fileperms() and specifically test for 644 if that's what the intent is. When the perms are set to 444, even the admin user cannot make changes to the configurations in the admin interface without first resetting the perms. It should be noted that this official thread indicates that a secure installation's config file should be 444: http://forum.revive-adserver.com/topic/112-securing-revive/?hl=%2Bconfiguration+%2Bfile Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.