Applicable to:
- Plesk for Linux
Symptoms
Plesk WP Toolkit Check Security option shows alerts in Plesk for example.com site. Applying security measures in Check Security by clicking Secure does not take effect, red exclamation point is shown again next to Restrict Access to File and Directories measure:
In /var/log/plesk/panel.log with Plesk debug mode enabled, incorrect permissions entries point to caching plugin files that are different on every Security Check:
CONFIG_TEXT: stderr: Incorrect permissions on /var/www/vhosts/example.com/httpdocs/wp-content/cache/wpo-minify/1622487907/assets/wpo-minify-header-b6715801.min.css.gz: expected is one of 00, 04, 040, 044, 0200, 0204, 0240, 0244, 0400, 0404, 0440, 0444, 0600, 0604, 0640, 0644, actual is 0755
Cause
The caching plugin writes cache files with "execute" permissions that are considered as suspicious by the WP Toolkit security checker. New cache files are created before every new Check Security event, that leads to red exclamation mark next to Restrict Access to File and Directories measure.
Resolution
- Log in to Plesk
- Go to WP Toolkit, select Wordpress instance of example.com, open Plugins tab.
- Remove or deactivate the caching plugin (for example, WP-Optimize)
- Install an alternative cache plugin (for example, WP Super Cache or W3 Total Cache).
Comments
Please sign in to leave a comment.