F-Lock doesnt lock my wp-config.php file

Home Forums BulletProof Security Pro F-Lock doesnt lock my wp-config.php file

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • April 26, 2013 at 2:29 pm #4887
    Young Master
    Participant

    Hello. I followed your advice and transferred my site from the hosting provider I was to another web hosting provider and I managed to installed BPS Pro successfully. But everyday when I log in to wp-admin I always see a notification that my wp-config.php file is not locked and this occurs once every single day.  For troubleshooting startup I tried to check on autorestore/quarantine to see if any file was changed but non was changed and i decide to download the wp-config file and check with the original version to see if it was anything was changed but didnt find any changes. At first I thought maybe this was caused by changing my cpanel and wordpress account password but even without changing passwords I kept on seeing that my wp-config file is unlocked. I dont know what to do anymore since I didnt find any evidence that I was hacked. Please help me out.

    April 26, 2013 at 3:20 pm #4895
    AITpro Admin
    Keymaster

    Sounds like your new Host does not allow you to lock your wp-config.php file with 400 file permissions.  I know of 2 web host’s in the world out of 1,000’s that do not allow you to change the wp-config.php file permissions to 400.  Contact them and ask them if you are allowed to lock it with 400 file permissions.  If not, then you will not be able to lock your wp-config.php file and you can turn off the F-Lock check for the wp-config.php file.

    April 26, 2013 at 3:25 pm #4899
    Young Master
    Participant

    My web host is inmotion hosting.

    April 26, 2013 at 3:28 pm #4900
    AITpro Admin
    Keymaster

    They are a good host.  Contact them and ask them if you can or cannot lock your wp-config.php file with 400 permissions.  I am pretty sure they do allow 400 file permissions. Are any files being sent to Quarantine? Like the wp-config.php file for example? Also use FTP and manually change the wp-config.php file permissions to 400 permissions and see if it stays at 400 permissions or automatically resets to 644 permissions.

    April 26, 2013 at 3:50 pm #4917
    Young Master
    Participant

    No. there is no any file sent to quarantine. I reset the file permission back to 644 and changed the file permission manually to 400 but the file permission changed to 600 instead of 400. Am still trying to contact my host.

    April 26, 2013 at 3:54 pm #4920
    AITpro Admin
    Keymaster

    Ok then you have your answer.  Your Host is automatically resetting the wp-config.php file permissions to 600.  This is fine and is still very secure.  So just turn off the F-Lock check.  If your Host is automatically doing this then you do not need for BPS Pro to also check the wp-config.php file.

    April 26, 2013 at 4:17 pm #4922
    Young Master
    Participant

    Well thank you very much.

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.