Permissions Problem

“A file permissions error has occurred. Please check the permissions on the script and the directory it is in and try again.”



I am getting this on completion of the installation of the new CS Cart. I have checked and double checked the folders and they are all set to the correct settings as per instructions.



Any help would be greatly appreciated as I can’t get the shop up and running.



Thanks in advance

Paddy

What permissions have you set?

666 config.local.php

777 catalog

777 images

777 skins

777 var

When you set permissions for images and var did you also set them for all sub-directories as well?

Yep, done that too…

did you set config.local.php back to 644?

Yep, done all as the instructions stated.

I think an important question will be what system is your server running on?

As it will determine the permissions you need to set (as oppose to cscart instructions)



You can read jobosales post here:

[url]http://forum.cs-cart.com/showthread.php?t=15083&highlight=security[/url]



Or search the forum for Spiral’s posts.

(eg.[url]http://forum.cs-cart.com/showpost.php?p=63610&postcount=4[/url]

or

[url]http://forum.cs-cart.com/showpost.php?p=69788&postcount=5[/url])



It will give you a greater understanding on permissions problem with installation of cscart.

Try checking the ownership of the files and directories for your install. If you copied a zip to the server and extracted it while logged in as root that could be your problem. You’ll need to reassign ownership to the files/directories so the cart can work properly.

[quote name=‘DIZZYMOTHER’]666 config.local.php

777 catalog

777 images

777 skins

777 var[/QUOTE]

I swear this issue is getting to be like a broken record … :rolleyes:



Ok — first question ----



[COLOR=“Blue”]WHAT TYPE OF PHP DO YOU HAVE INSTALLED ON YOUR HOSTING SERVER?[/COLOR]



Look at the output of your phpinfo() screen for the line labeled “Server API” …



PHP script to look at this:

```php

phpinfo();
?>

```



If that line says anything other than ‘Apache 2.0 Handler’ or very similar then the permissions you just posted above would all be [COLOR=“Red”]COMPLETELY WRONG[/COLOR] in that case the correct action would be to ignore the instructions that CS-Cart has written because they are for a different type of hosting server than what you are using and have with your web site.



If you see “cgi”, “fastcgi”, “suphp”, or any of the other variations possible or that line does not include the word “apache” as part of the worded description in the “Server API” line then you would need a different set of file permissions else you will very likely break your web site simply by just following CS-Cart’s standard installation instructions as that would be entirely wrong for you!



Generally speaking, the following will work well for MOST of the other PHP system types I just named:

[quote name=‘“Non-DSO Permissions”’]



600 for all .php scripts

644 for all non-script files (images, templates, plain html files, etc)

755 for CGI scripts and related (.pl, .py, .pm, .cgi, .e)

755 for all folders (irregardless – and that includes also catalog, images, skins, and var)

[/quote]



EDIT: Nodame, awww! You beat me to the punch. Hehe :wink:

Suddenly the Straight out the box product isn’t so out the box, but should also state you need some coding experience, but anyhow, this is all above me now with PHP this and that, I’ve never had a problem before, but decided to install a fresh shop to the server, running CS CART, it seems now though that the shop has installed and the problem I am getting is a 404 on the ADMIN side?

Any ideas on how this can now be solved?

Ta

[quote name=‘DIZZYMOTHER’]Suddenly the Straight out the box product isn’t so out the box, but should also state you need some coding experience, but anyhow, this is all above me now with PHP this and that, I’ve never had a problem before, but decided to install a fresh shop to the server, running CS CART, it seems now though that the shop has installed and the problem I am getting is a 404 on the ADMIN side?

Any ideas on how this can now be solved?

Ta[/quote]



Who are you hosting with?

[quote name=‘Spiral’]I swear this issue is getting to be like a broken record … :rolleyes:



EDIT: Nodame, awww! You beat me to the punch. Hehe :wink: [/QUOTE]



:smiley:

Wanted to save you the trouble of typing yet another similar post again.



Methink you should just write up on comprehensive post titled “Permissions, 500 Internal Server problems => Read here first before posting”

And have Jesse or one of the mod sticky it in the forum.



At least until cscart fix their script on the permissions issue.



It will be most helpful! And not to mention, saving you all the repetitive typing. ^^

Thanks Nodame, it was getting a tad monotonous, but after messing about with the permissions I seemed to have sorted it out?! Don’t ask me how, but its working now!

[quote name=‘DIZZYMOTHER’]Thanks Nodame, it was getting a tad monotonous, but after messing about with the permissions I seemed to have sorted it out?! Don’t ask me how, but its working now![/QUOTE]

You know what, I think I will see if I can do something about that …



I will go ahead and write everyone a quick script utility to check their server information and display the correct permission recommendations for everyone based on their specific type of server that the end user is using and that should take some of the guesswork out of all this mess for everyone.



(And maybe if we are all really lucky, CS-Cart will decide to steal my code HINT :wink: )

[quote name=‘Spiral’]You know what, I think I will see if I can do something about that …



I will go ahead and write everyone a quick script utility to check their server information and display the correct permission recommendations for everyone based on their specific type of server that the end user is using and that should take some of the guesswork out of all this mess for everyone.



(And maybe if we are all really lucky, CS-Cart will decide to steal my code HINT :wink: )[/QUOTE]

You have no idea of how long I have been waiting for you to do this. Just knowing will allow storeowners a tool to make better decisions to secure their site and maybe, if we are lucky, CS-Cart will incorporate this into the install.



Bob

Hi Everyone:



I have been incredibly busy the past day and a half since I posted the message above and have not gotten the free time I wanted yet to write you all the script I mentioned though I will still definitely try to do this for you still but in case I forget, here is some information that should help all of you:



In PHP, there is a function called php_sapi_name() that will tell you what kind of PHP is running on the server and will return any of the folllowing values:



aolserver, apache, apache2filter, apache2handler, caudium, cgi, cgi-fcgi, cli, continuity, dso, embed, isapi, litespeed, milter, nsapi, phttpd, pi3web, roxen, suphp, thttpd, tux, and webjames



If the results of that function return “apache”, “apache2filter”, “apache2handler”, or “dso” then you are “Apache Module (dso)” based on your server and you may go ahead and use CS-CART’S INSTALLATION INSTRUCTIONS as written



However, if the results of that function return anything else then you should NOT use CS-Cart’s instructions as they were not written for your server type and would actually break your web hosting site if you were to follow CS-Cart’s instructions and would instead likely need the following permissions instead:



755 for all Folders (And this includes those CS-Cart incorrectly says to put 777)

600 for all PHP scripts (.php)

755 for all CGI scripts (
.py, *.pl, *.pm, *.cgi, *.e)

644 for all Non-Script Files (HTML, Templates, Images, Etc)



The php_sapi_name() function could easily be used to setup code switches or evaluation if blocks in code to set different permissions for different servers.



For those who aren’t as versed in programming or don’t really care about PHP, you can also tell which type of PHP you have bey looking at your PHP info screen would also help in that department as ell



Again I will try to find some time here shortly between work to write the script

The easiest way to check the PHP API is to go to Administration->Logs, then click the “php information” link. Look for the line that says “Server API”. If DSO or Apache is displayed, you should set the permissions as suggested by CS-Cart (777/666). If the result is suPHP, cgi, cgi/FastCGI or anything other than Apache or DSO, you should be able to set your permissions to 755/644.



If you have SSH access to your server, you can run the following commands to reset your permissions. I have permissions set up as below and have no problems:

find . -type d -exec chmod 755 {} \;
find . -type f ! -name "*.php" -exec chmod 644 {} \;
find . -type f -name "*.php" -exec chmod 600 {} \;




You should also set your default permissions in config.php to match:

// Default permissions for newly created files and directories
define('DEFAULT_FILE_PERMISSIONS', [B][COLOR="Red"]0644[/COLOR][/B]);
define('DEFAULT_DIR_PERMISSIONS', [B][COLOR="red"]0755[/COLOR][/B]);




You should try this out on a test installation prior to your store. But, don’t be intimidated since you can easily reverse the process to set the permissions back as they were.



Bob

Currently, you can set default permissions for newly-created directories and files in config.php. This results in all files being given the same permission (e.g., 644).



As an example, I reset permissions as follows after installation:

directories - 755
non-php files -644
php files - 600




In config.php, I have default permissions set as follows:

// Default permissions for newly created files and directories
define('DEFAULT_FILE_PERMISSIONS', 0644);
define('DEFAULT_DIR_PERMISSIONS', 0755);




Unfortunately, any new files created in /var/cache and /var/compiled will have permissions set to 644 rather the 600 I would prefer for security purposes. Please add the ability to set permissions for .php files independent of other files (e.g., tpl, jpg, png). The would allow more security for the files created in /var/cache and /var/compiled.



Example:

Add "define('DEFAULT_PHP_PERMISSIONS', 0600);" in config.php.
Use this permission when creating .php files.

Hey guys,



Was hoping that you could explain the ramifications of not setting the permissions correctly as stated in this thread. Is it more of a security precautionary issue or technical issue functionally speaking, or both?



The reason I ask is because I wish that I would have seen this thread before we performed a clean install of 2.0.12. We installed the cart per Cs-cart instructions and am having many issues. One being about 3000 of 3200 images were gone when transferred. Luckily my host was able to restore all but about 200. Could they have gone into a completely wrong file? If so, where do I start to look for them? Also images that did transfer, are acting very strangely when trying to click the thumbnail view. The “make image larger” shadow box has to be clicked twice before opening. Getting some kind of “layout_edit” graphic in place of my additional images for a product. Global options won’t work correctly…Getting 404’s.



With this being said I’m just curious if these are all symptoms of wrong permissionitis as we are about to re-set permissions this week? While speaking with my host, cyberlnc, they notified me of a few tips when working with Cs’s new version. Here is what they had to say:



“If you don’t know this already, CS-Cart’s instructions are wrong and don’t

work with current present day web servers. If you follow their instructions

on setting file and folder permissions as written, you will actually break

your web site, causes glitches, and broken pages with Error 500.



The following is the correct permissions:



755 All Folders (**** every folder irregardless ****)

600 All PHP scripts (.php)

755 All CGI scripts (.cgi, .pl, .pm, .py, .e)

644 All Ohter Files (Images, Plain HTML, Templates, Etc)



Instead of manually resetting permissions, you can create a file in the

home top folder of your account (the folder above /public_html) and

named “fixmyperms” and then leave the account alone for about an

hour and it will trigger a server process that will go in and automatically

fix the permissions on every file and folder on your account and also

go into all your scripts and programs including CS-Cart as well and

repair all bad or incorrect code in those programs dealing with

permissions and has been known to fix the vast majority of CS-Cart

problems and issues.”



Now I"m assuming that this will work for my host only, so not saying this will work for everyone and I’m not really the one that should be suggesting this at all…just interesting info to take note of. Also would like to know what people in this thread think about this info. Good advice as it’s basically what is already been indicated but interesting as far as the method for re-setting the permissions.



If anything I’m hoping this can help those of us that have already gone down the wrong path and experiencing problems. I hope someone can chime in with some sort of insight on what I have added and what I should do next.



jobosales and spiral, thanks for all the very useful info and time that you have spent working on this issue.



Thanks,

Stu