- Posts: 3431
- Karma: 25
- Thank you received: 276
Every task (integrity and permissions) generate a file, but the previous file is deleted before launching the task, so you should see only two files... Anyway you can include the entire folder as exception; to do that select the path and copy it into "Global Configuration -> File manager tab -> File/Folder exceptions; comma separated values" and set "Recursive folder exceptions" to Yes.
So, I think you should exclude the scans directory from warnings or at least do not use them for the system information security level. Repairing the three files succeeds with two, fails with one (because it got removed during the process - keep a maximum of three?) and a new one got added, that, of course, has wrong permissions. So, I always have at least *1* file with wrong permissions.
Yes. Now try changing only a letter, for example, of any index.php file and launch a new file integrity scan. It should return only that file.
Then I made the integrity check. Almost all files changed hash. I marked them now all as safe at once. That's the way to do it?
No, you must add the entire path (you see it in Path row). It will be something like /home/mysite/public_html/securitycheck
What's the correct syntax? "*/com_securitycheckpro/scans/" Does this work?
Yes, maybe you're right, but I designed the feature to set standard permissions. Many people doesn't know what permissions mean, so I don't want to give them the ability to set an incorrect value. If for some reason you need to keep other permissions just add the files/folder as exceptions.
I'm now working on another site where I did a akeeba backup after update and before doing the file permission check. As I said earlier, it's the files in the akeeba backup directory that are flagged. For instance, a new database backup sql file got changed from 660 to 644 which makes it word-readable (if there wasn't the .htaccess file). I think this shouldn't happen. Securitycheck should not give *more* permissions to files, only less. Or give more permsisions only in a second mode, that is less about security but rather about making all of Joomla run (which may include giving more permissiosn to some files).