Trying to create & read htaccess file – non-writable dir/Nginx

would it be possible to see the entire message? (you can x out your site address if you need to)

Hm, not sure what you are referring to re the entire message. Here is another one from the error logs. This is all I can see in the PHP error logs – I have only edited/shortened the path and there is no stack trace or anything else related to this:

[20-Jan-2023 22:56:24 UTC] PHP Warning: file_put_contents([web root]/.htaccess): Failed to open stream: Permission denied in /[…]/wp-content/plugins/wp-optimize/includes/class-wp-optimize-htaccess.php on line 135

On Apache servers WPO creates a .htaccess under wp-content/cache/wpo-cache

I have setup a site on a NGIX Server, enabled various settings (I get some put/get contents errors) and then added a .htaccess file to both the root directory of the site and wpo- cache directory but this has no affect (given that it’s on NGIX this somewhat expected)

I have asked my colleague to take a look at the ticket to see if they can suggest anything.

Thanks for looking into it! Fully understand that htaccess is Apache specific. We also have page cache turned off and WPO does recognize that e.g. gzip compression is already set up outside of the plugin (via Nginx I’m assuming) and it shows that in a message and doesn’t even allow to turn that setting on or off. Which is great. Just puzzling that there is no way to prevent (disable) the htaccess read/write activity.

@marcosf We are aware of this issue and is already fixed. Will be available to you in the next release. Some hosting providers with NGINX server prevent use of .htaccess for performance enhancement.

Having said that, I believe you somehow have .htaccess file in the uploads folder but don’t have read/write permission to it? Could you please confirm that you get this warning file_get_contents repeatedly? Thanks

[updated/edited my reply]
@webulous I do see an empty htaccess file in the uploads folder. The file right look the same as other files and should allow for read/write. There could be another (security related) measure in place that prevents access though. I do see 2 warnings related to that file in the last 24hs.

And, to re-confirm, you are saying that this issue should be gone with the next plugin update?

• This reply was modified 2 years, 1 month ago by Marco Schmoecker.

@marcosf Yes, we have fixed the file_put_contents warning. Regarding file_get_contents as you said yourself, the checks are already in place. So, I wanted to confirm that this happens repeatedly.

Moreover, since file_put_contents throws a warning the empty .htaccess itself shouldn’t be in uploads folder.

For some reason, NGINX config allows .htaccess to be created with read/write access and denies actually reading/writing, then I’m afraid you could manually remove those permissions

@webulous Gotcha, yes, it does/did happen repeatedly. I’ll go ahead and delete the htaccess file and will let you know if I see this issue come up again after the next plugin update. Thanks!

@webulous The htaccess file is getting recreated, right after deleting it (in the uploads folder). Just wanted to report back. It’s still empty though.

@marcosf .htaccess recreation is expected since the uploads folder has write permissions. But I’m guessing that the created .htaccess file also have read/write permission in file system but somehow Nginx restricts it.

So could you please make sure that file doesn’t have read/write access? And it should fix the file_get_contents warning (since the code is already there)

We can’t code based on server software, because $_SERVER['SERVER_SOFTWARE'] is not always set