<![CDATA[ MODx 0.9.5 - IIS & config.inc.php - MODX Community Forums]]> https://forums.modx.com/thread/?thread=17128 <![CDATA[Re: MODx 0.9.5 - IIS &amp; config.inc.php]]> https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93201
if (is_writable("includes/config.inc.php")){
    // Warn if world writable
    if(@fileperms('includes/config.inc.php') & 0x0002) {
      $warningspresent = 1;
      $warnings[] = array($_lang['configcheck_configinc']);      
    }
}


(Note to all - The above change is only recommended for people who are running on Windows servers where PHP can’t properly check file permissions - and, as pointed out by Caledai, make sure that the file permissions are manually verified)

Hope that helps,
Garry]]>
garryn Mar 12, 2007, 07:52 PM https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93201
<![CDATA[Re: MODx 0.9.5 - IIS &amp; config.inc.php]]> https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93200
This is a file residing on my server at home to which I have full unrestricted access.

The file is set to read only using NTFS permissions for the IUSR account - and is set to read only in the filesystem.
If IIS were to attempt to write to the file it would fail - so I am reasonable sure that it is safe - but the error is a false positive

I can account for this because the first time I setup MODx I had not enabled write access and I had to manually edit the file because IIS/MODx was unable to do so.

As a result - this is why I asked how to remove that message.]]>
Caledai Mar 12, 2007, 07:21 PM https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93200
<![CDATA[Re: MODx 0.9.5 - IIS &amp; config.inc.php]]> https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93199
Some FTP server software also allows you to use chmod on the file in FTP to 777

For me we use gene6ftp server and this does not allow chmod commands instead i created a custom command which my users can use in ftp to set a file read-only or not]]>
onesmarthost Feb 16, 2007, 01:45 PM https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93199
<![CDATA[MODx 0.9.5 - IIS &amp; config.inc.php]]> https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93198
What is the recommended solution to locking down this file under IIS or a Windows/Apache host combo?

Currently - using NTFS permissions - it is set to Everyone : Read/Read&Execute with no other permissions assigned to it. It is also set to read only and under IIS - its permissions are read only.

However - the warning still appears every time I log into the manager that the config file is still able to be written to.]]>
Caledai Jan 19, 2007, 08:23 PM https://forums.modx.com/thread/17128/modx-0-9-5---iis-config-inc-php#dis-post-93198