After installing osCommerce you will see a message similar to "I am able to write to the configuration file: /home/userna99/public_html/includes/configure.php. This is a potential security risk - please set the right user permissions on this file."

In this tutorial I will show you how to modify the permissions of the configure.php file, so it is secured and the notification will go away.

Securing the configure.php File:

  1. Login to your cPanel.
  2. Under the File section, click the File Manager. If the File Manager Directory Selection window comes up, click Web Root, and click the Go Button.
  3. Navigate to the configure.php file specified in the error. In my tests it is: /home/userna99/public_html/includes/configure.php
  4. Right-click the configure.php file, and click Change Permissions.
  5. In the change permissions window, change them to 4-4-4, then click the Change Permissions button.
  6. Now login to the osCommerce Admin section, and you will see the "Security risk" message is gone, and has been replaced by "This is a properly configured installation of osCommerce Online Merchant!"


Congratulations, now the configure.php file for your osCommerce is protected from a potential security risk!
Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve our Support Center:
Email Address
Optional, but our team may contact you for more information.
Like this Article?

Post a Comment

Name:
Email Address:
Comment:
Are you a bot?
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

Write New!
Do you want to publish a tutorial to our support center?

News / Announcements

SSL Certficate Warnings
Updated 2014-04-14 11:34 am EST
Hits: 2168
Heartbleed 0-day OpenSSL security bug
Updated 2014-04-14 04:43 pm EST
Hits: 5554

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!