- Plesk for Linux
Plesk WordPress Toolkit Check Security option shows alerts in Plesk for example.com site. Applying security measures in Check Security by clicking Secure does not take effect, red exclamation point is shown again next to
Restrict Access to File and Directories measure:
/var/log/plesk/panel.log with Plesk debug mode enabled, incorrect permissions entries point to caching plugin files that are different on every Security Check:
CONFIG_TEXT: stderr: Incorrect permissions on /var/www/vhosts/example.com/httpdocs/wp-content/cache/wpo-minify/1622487907/assets/wpo-minify-header-b6715801.min.css.gz: expected is one of 00, 04, 040, 044, 0200, 0204, 0240, 0244, 0400, 0404, 0440, 0444, 0600, 0604, 0640, 0644, actual is 0755
The caching plugin writes cache files with "execute" permissions that are considered as suspicious by the Wordpress Toolkit security checker. New cache files are created before every new Check Security event, that leads to red exclamation mark next to
Restrict Access to File and Directories measure.
- Log in to Plesk
- Go to Wordpress Toolkit, select Wordpress instance of example.com, open Plugins tab.
- Remove or deactivate the caching plugin (for example, WP-Optimize)
- Install an alternative cache plugin (for example, WP Super Cache or W3 Total Cache).
Please sign in to leave a comment.