🚀 Is building a website too difficult? Let me guide you step by step—Learn about the 「Naibabiji WordPress Website Building Coaching Service」 →
🔍 Click Here to Search This Site
Website Building Knowledge

Modify .user.ini file permissions to add Wordfence high firewall level

📅 October 20, 2019
👤 Lee
⏱️ Reading Time: 1 minute
🔄 Last updated: November 1, 2019
Naibabiji usesThe Wordfence firewall Plugin, in the Plugin settings interface, there is a Protection Level that can be set so all PHP requests are processed by the Wordfence firewall first. However, during the setup process, there may be a failure to modify the .user.ini file. This is because the permissions of the .user.ini file are locked; you just need to remove the file lock.

Method to modify .user.ini file permissions

If you are usingLNMPFor a website environment built with a one-click package, the commands to execute are as follows:
chattr -i /home/wwwroot/你网站文件夹/.user.ini
After processing, you can automatically modify the firewall level in the Wordfence settings interface. If you no longer want this setting in the future, you can use the following command to lock the .user.ini file again to prevent modifications.
chattr +i /home/wwwroot/你网站文件夹/.user.ini

Introduction to the chattr command

chattr command: Sometimes you find that even with root privileges, you cannot modify a certain file, mostly because the file was locked using the chattr command. The chattr command is very powerful; modifying attributes with it can enhance system security, but it is not suitable for all directories. The chattr command cannot protect the /, /dev, /tmp, /var directories. The lsattr command displays the file attributes set by the chattr command.
语法 chattr [-RV] [-+=AacDdijsSu] [-v version] 文件或目录
参数  描述
-R  递归处理所有的文件及子目录。
-V  详细显示修改内容,并打印输出。
–   失效属性。
+   激活属性。
=   指定属性。
A   Atime,告诉系统不要修改对这个文件的最后访问时间。
S   Sync,一旦应用程序对这个文件执行了写操作,使系统立刻把修改的结果写到磁盘。
a   Append Only,系统只允许在这个文件之后追加数据,不允许任何进程覆盖或截断这个文件。如果目录具有这个属性,系统将只允许在这个目录下建立和修改文件,而不允许删除任何文件。
i   Immutable,系统不允许对这个文件进行任何的修改。如果目录具有这个属性,那么任何的进程只能修改目录之下的文件,不允许建立和删除文件。
D   检查压缩文件中的错误。
d   No dump,在进行文件系统备份时,dump程序将忽略这个文件。
C   Compress,系统以透明的方式压缩这个文件。从这个文件读取时,返回的是解压之后的数据;而向这个文件中写入数据时,数据首先被压缩之后才写入磁盘。
s   Secure Delete,让系统在删除这个文件时,使用0填充文件所在的区域。
u   Undelete,当一个应用程序请求删除这个文件,系统会保留其数据块以便以后能够恢复删除这个文件。
Example:
用chattr命令防止系统中某个关键文件被修改:
# chattr +i /etc/resolv.conf
  
用lsattr查询文件属性:
# lsattr /etc/resolv.conf
----i-------- /etc/resolv.conf #显示如上
  
让某个文件只能往里面追加数据,但不能删除,适用于各种日志文件:
# chattr +a /var/log/messages
Reference:Big-eyed Girl

🚀 Still feeling confused after reading the tutorial? Let me guide you step-by-step instead.

「Naibabiji WordPress Website Building Coaching」 — From selecting a domain and purchasing hosting to installing themes and publishing posts, I「ll guide you through every step, helping you avoid detours and reach your goals directly.

👉 Learn about Website Building Coaching Service
🔒

Comments are closed

The comment function for this article is closed. If you have any questions, please feel free to contact us through other channels.

×
二维码

Scan to Follow