By BetaByte on

I read in other threads that drupal handled the safe mode quite well, but it doesn't seem to be so in my case.

I'm using drupal on my ISP space, that is basicly a hosting package (mysql 3.x, plex, ftp, mail, apache, ... the works)
But they've enabled the safe mode, like any hoster would.
And now I'm stuck, since I get this error :

* warning: fopen(): SAFE MODE Restriction in effect. The script whose uid is 11004 is not allowed to access /home/httpd/vhosts/****/subdomains/library/httpdocs/files/tmp owned by uid 48 in /home/httpd/vhosts/****/subdomains/library/httpdocs/includes/file.inc on line 117.
* warning: fopen(files/tmp/.htaccess): failed to open stream: Success in /home/httpd/vhosts/****/subdomains/library/httpdocs/includes/file.inc on line 117.
* Security warning: Couldn't write .htaccess file. Please create a .htaccess file in your files/tmp directory which contains the following lines:
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
Options None

RewriteEngine off

And I can't upload a htaccess file in that directory myself, ...

[R] STOR .htaccess
[R] 550 .htaccess: Permission denied
[R] Transfer Failed!

and the chmod doesn't allow more then a 775.
Any thoughts someone ?

Categories: Drupal 4.7.x

Comments

cog.rusty’s picture

cog.rusty commented

But they've enabled the safe mode, like any hoster would.

Not true. Mostly ISPs do it, probably because it is called "safe". Safe mode was a bad idea and has been removed from PHP 6.

The reason you can't chmod that tmp file is that it was created by a script (Drupal), so it is owned by the web server (user 'apache' or 'nobody'), not you. And it is 775 (you are in that "5").

The short answer would be "host your site somewhere else" but I understand this is not what you wanted to hear... I don't have first hand experience with "safe mode", but here is what I would try:

- Look at your 'files' directory and everything it contains and note down the structure. Download a backup if you have files.

- Then delete 'files' and everything below it using a php script (neither ftp nor shell access will do) or just ask your host's tech support to delete it for you ("because I can not").

- Create the 'files' directory and everything below it yourself, using ftp (so that you are the owner), and give 777 permissions to the 'files' directory and all its subdirectories.

- In your 'files' directory, upload an .htaccess file with these two lines:

SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
Options +FollowSymLinks

If this fails I have no idea how else this could work.

fudge714’s picture

fudge714 commented

the easy way to fix this is:
--create another folder in /files called say 'temp' instead of 'tmp', set the file permissions to 777
--copy across any files from files/tmp to files/temp
--and then in admin file system settings, change the temp directory from files/tmp to files/temp.
should work fine...

rhip’s picture

rhip commented

Thank you fudge714 for this workaround. My Hosts wouldn't switch off Safe Mode - this is perfect THANK YOU!

drvdt’s picture

drvdt commented

Please, ask your support turn off SAFE MODE.
--> worked with me

My sites: Medicare