Permissions are all busted

  • So I’ve had my site up and running for a couple of months. I haven’t touched any plugins or updated anything in about a month. I tried to do it today (WordPress 4.8 worked but no plugin updates) and I have nothing but permissions errors.

    From plugin install:
    Installation failed: Download failed. Destination directory for file streaming does not exist or is not writable.

    Plugin update:
    Download failed. Destination directory for file streaming does not exist or is not writable.

    I randomly get a message that one of the upload directories is not writeable.

    I have NO freakin’ clue what happened. I’ve reset permissions and set them back to 775. Change the owners and groups….I don’t know what else to do. Nothing was even changed!

    the site is https://www.vivaexplorer.com

    help ??

Viewing 9 replies - 1 through 9 (of 9 total)

  • Hello, katielind05. 1st, thanks for the url. That is more helful than you realize, I suspect.

    Could you please tell us whether you’re on a shared, VPS, or dedicated server? 775, except for possibly the uploads folder, is generally not a good setting–too liberal. We generally prefer 0755.

    Thread Starter katielind05

    (@katielind05)

    It’s a shared server. I set the permissions back to 0755. I was trying everything to see what broke ?? I am at a loss here.

    Thread Starter katielind05

    (@katielind05)

    This is what I randomly get at the top of all the pages:

    WPThumb has detected a problem. The directory /opt/bitnami/apps/wordpress/htdocs/wp-content/uploads/2017/06 is not writable.

    But…it is writable.

    Hi, again, Katie. Looks like you’re hosting w/IPage, unless I’m totally off here. You may need to contact them to see if they can look at their server error logs to figure out what may be occurring.

    1 thing you could try is to log into your dashboard & activate one of the WordPress default themes (they begin w/the word twenty), then try to update & see if that works. Consider this a temporary troubleshooting measure. If deactivating the theme causes the updates to work, then I would suggest contacting your theme’s support desk, as this is 1 of the things you paid for when purchasing the theme. We are unable to support any but the default WordPress themes here on the forums, as most of us don’t have access to the multiplicity of other themes in the WordPress ecosphere.

    Another thing you may wish to do is to open your wp-config.php file & change wp_debug to ‘true’. This is a serious security risk, so please change it back immediately when you’ve finished, but doing so will often show errors on the site. Simply visit it &/or log in once you’ve made the change & see if any error msgs appear. In addition, you may wish to look in the WordPress folders, along w/plugins subfolders, to see if there are any error_log or error.log files that might give us some indication of what might be occurring. Also, if you’ve installed any security plugins lately, you may wish to disable them & see if the errors persist.

    Katie, sorry–I just realized something. WPThumb does not seem to be maintained anymore, & appears not to have been for at least 3 years now. My suggestion is that you delete it & check your permissions. Unfortunately, plugins that have not been maintained for such a long time sometimes have code vulnerabilities, ie, code that hackers have been able to use to hack the website on which the plugin was installed. I am a bit concerned–ok maybe more than just a bit.

    Thread Starter katielind05

    (@katielind05)

    Ick. The only way I’ve gotten past all of this is by setting wp-content and everything to 777. I thought I had tried that earlier. That’s not cool.

    Thread Starter katielind05

    (@katielind05)

    I don’t even have a plugin called WPThumb so I’m not quite sure where that is coming in from.

    Thread Starter katielind05

    (@katielind05)

    I host with Amazon.
    Somehow the directories were *supposed* to be owned by an entirely different user that I hadn’t set up myself. Did chown -R on the directory and it seems like I’m ok for now. No idea how…..

    I’m really concerned, from what you’re telling me, that your site may have been compromised. I’m not seeing any evidence of it in Google, but I am concerned nonetheless. I think, were I you, that I would install Wordfence & check the following options if they aren’t already:
    scan plugins & themes
    Scan files outside your WordPress installation
    Scan images, binary, and other files as if they were executable
    Immediately block fake Google crawlers
    Immediately lock out invalid usernames
    Hide WordPress version
    Block IPs who send POST requests with blank User-Agent and Referer

    Some of these options may put a load on your server, & you may wish to uncheck them once you’re done, but they can be particularly helpful when trying to see if a site has possibly been compromised.

    Another thing that may be wise is to open your wp-config.php file & change the various authentication keys as instructed under * Authentication Unique Keys and Salts.
    This will log out any users that may be currently logged in. I’d also suggest changing your control panel & dashboard passwords immediately to something bulletproof, ie, w/upper & lowercase letters, numbers, & punctuation signs, & something that doesn’t contain dictionary words. There are numerous articles on the web on how to make strong passwords, in case that’s of interest, though I rather suspect you already know how to do this. I think these are precautions worth taking–you know–just in case.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Permissions are all busted’ is closed to new replies.