Fatal error when directory permissions do not allow editing uploads/sermons

About Support Support Fatal error when directory permissions do not allow editing uploads/sermons

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • 27th August 2024 at 3:53 pm #10064
    Avatar for kgourlaykgourlay
    Participant

    Hi,
    I was playing around with some security recommendations that restrict write access to parts of the directory structure. Obviously doing this would prevent WordPress and some plugins from doing all the things they want to do, but it shouldn’t completely break the site. It looks like Church Admin Plugin does not catch the error that comes from being unable to write to the uploads directory.

    Interestingly, I am not using the sermons module at all, so I’m not sure why the plugin needs to write this file. (It looks like it’s trying to do some directory setup ahead of actually using sermons.) Regardless, it would be nice if instances such as this fail more gracefully instead of cause a critical error on the website.

    
[27-Aug-2024 00:42:24 UTC] PHP Warning:  fopen(/var/www/html/wp-content/uploads/sermons/index.php): Failed to open stream: Permission denied in /var/www/html/wp-content/plugins/church-admin/index.php on line 7767
[27-Aug-2024 00:42:24 UTC] PHP Fatal error:  Uncaught TypeError: fclose(): Argument #1 ($stream) must be of type resource, bool given in /var/www/html/wp-content/plugins/church-admin/index.php:7769
Stack trace:
#0 /var/www/html/wp-content/plugins/church-admin/index.php(7769): fclose(false)
#1 /var/www/html/wp-content/plugins/church-admin/index.php(2196): church_admin_create_directories()
#2 /var/www/html/wp-content/plugins/church-admin/index.php(1673): church_admin_constants()
#3 /var/www/html/wp-includes/class-wp-hook.php(324): church_admin_initialise('')
#4 /var/www/html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array)
#5 /var/www/html/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#6 /var/www/html/wp-settings.php(700): do_action('init')
#7 /var/www/html/wp-config.php(85): require_once('/var/www/html/w...')
#8 /var/www/html/wp-load.php(50): require_once('/var/www/html/w...')
#9 /var/www/html/wp-blog-header.php(13): require_once('/var/www/html/w...')
#10 /var/www/html/index.php(17): require('/var/www/html/w...')
#11 {main}
  thrown in /var/www/html/wp-content/plugins/church-admin/index.php on line 7769
    • This topic was modified 5 months, 3 weeks ago by Avatar for kgourlaykgourlay. Reason: correct log file formatting
    28th August 2024 at 10:25 am #10066
    Avatar for Andy MoyleAndy Moyle
    Keymaster

    Will make it fail more graciously.
    The “security” plugin wil cause other issues like uploading images if it locks down the uploads dir

    Sucuri allows you to block executable files in that directory, which is more what is needed.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.