Paper Lantern for cPanel accounts is being retired this year. Find out more »
cPanel & WHM Version 102 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Add an option to allow bypassing restrictive user account .htaccess permissions

cp_Sky shared this idea 6 years ago
Open Discussion

In some utilities in cPanel, such as the pkgacct or AutoSSL, a restrictive .htaccess utilizing 0444 permissions will cause these to fail to address/adjust this resource during these operations :

  1. Cpanel::Transaction::File::Base::new("Cpanel::Transaction::File::Raw", "path", "/home/ourUserName/public_html/.htaccess", "permissions", 420) called at /usr/local/cpanel/Cpanel/HttpUtils/ line 449
  2. [2016-10-14 01:22:08 +0300] Fixing up EA4 .htaccess blocks: /home/ourUserName/public_html/.htaccess (failed) Done.

It might be useful for some to allow cPanel to attempt to determine if this seems like it should be able to be adjusted, perhaps in the nature of a Tweak Setting.

I have seen many hosting providers utilize 0000/chattr immutable permissions to keep compromised accounts from making malicious redirects, so perhaps it should not be made to ambitious, but perhaps try to detect for only a somewhat restricted .htaccess, or simply adjust it only temporarily for whatever process is at issue, then set it back to it's previously set permissions.

Leave a Comment
Attach a file