pfleming

It would be great to have something better than my hacked together fix. For now it works. ??

Rob,
Setting 666 on any folder is extremely dangerous, don’t do it if you can at all help it. 666 is the attributes expressed in a numerical format, but essentially it means, 6– owner of the file can read and write (write also means delete!) -6- those in the users group can read and write –6 everyone else (the whole world, more specifically others) can read and write the file.
4 = read
2 = write
1 = execute
If you want to set read and write it’s 4+2 = 6, if it’s read, write and execute it’s 4+2+1 = 7. Read and execute is the highest that anyone you don’t trust should be allowed eg 4+1 = 5. However, on a web server it is not the actual “other” group that has anything to do with the files. I set mine to 755 with the user and the group set to my username. If the server *must* write to a file, I change the group to the name of the web server group, in my case apache and change permissions to 765 or something along those lines.
Long story short, if you do change permissions on those files as recommended, change them back as soon as they are written.

Make sure there are no white spaces before or after your php tags <?php and ?>
I just cleaned my site of this problem. I watched the error logs and it kept referring to headers already sent. By default headers are sent when there are spaces above or below your php tags.

Ok… I’ve been hit with this as well… a couple of hundred today. What I don’t quite understand is where these show up. I mean they are publicly visible right? What is the purpose of the trackback flood spam?