Sorry, I couldn't figure out what "component" to list this under.
I have my settings.php file permissions set to 400, or -r--------.
In my /admin/reports/status page, however, I get the following warning:
The file sites/[sitename]/settings.php is not protected from modifications and poses a security risk. You must change the file's permissions to be non-writable.
When i change the permissions to 444, the error goes away.
Obviously the error message is wrong...what I'm guessing is happening instead is that settings.php is completely unreadable to apache when I set the permissions to 400? Maybe there should be a different error message to that effect.
Comments