flyzone Posted September 29, 2021 Report Share Posted September 29, 2021 Hello all, I just upgrade to version 5.3 from 5.05 and I keep getting a security flag. ---- Your browser was able to fetch some files that should not be accessible. For example: var/cache/README.txt ---- VAR is set on 777 as it was in the past. Any idea why? The files were uploaded via FTP as I did in the past, so the owner is the FTP user. Also for the first time I couldn't lock the settings file with 644 permissions, I had to set the file with 444 and when selecting the product updates button is putting the browser window in a loop, doesn't matter what kind of browser, even with cache cleared. Apache - PHP 7.3.30 - MySQL 5.5.68 Maria-DB Thank you Quote Link to comment Share on other sites More sharing options...
flyzone Posted September 29, 2021 Author Report Share Posted September 29, 2021 Replied to myself. Solved most of the issues by re-running the update and loading the new version as root and flushing all the caches. Still, the issue with the security is appearing. Quote Link to comment Share on other sites More sharing options...
flyzone Posted November 25, 2022 Author Report Share Posted November 25, 2022 After more than a year I'm wondering if anyone found a solution to the var/cache/README.txt security error. I saw other posts in here asking the same question but no solutions. Ever removing the file is not solving the issue. I just upgrade version 5.3 to 5.4.1 but the results is the same. In the same server I'm running 5.0.5 on a different domain and there are no errors there, but in that case the security section was not included in the Revive server. Thanks A. Quote Link to comment Share on other sites More sharing options...
EdTGuy Posted September 5, 2023 Report Share Posted September 5, 2023 I'm having the same issue. I recently "revived" an old 4.1.4 server and upgraded it to 5.4.1 When I log in, it displays this message: Your browser was able to fetch some files that should not be accessible. For example: var/cache/README.txt etc/database_action.xml plugins/etc/openXDeliveryLog.xml var/INSTALLED Click here to find more information on how to secure your installation. I followed the suggestion in the link, adding the segment below to /etc/httpd/conf/httpd.conf, but it had no effect. Any suggestions are appreciated. <Directory /var/www/revive-adserver-5.4.1> AllowOverride AuthConfig Limit </Directory> Quote Link to comment Share on other sites More sharing options...
EdTGuy Posted September 7, 2023 Report Share Posted September 7, 2023 Follow up: I'm no longer getting the security warnings. I'm not sure if it was cause by some of the additions I made to httpd.conf, and .htaccess, some permissions I changed via chmod, or from running sudo yum update. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.