An Error has occurred! Unable to open configuration.php file to write!

[jamiro911]

I have a dedicated server from OVH and use cPanel. I just moved to a new server with the same installation. Since two days company Way to the Web Limited did a security check up, cause my other server was hacked twice and I didn't want that to happen again.

The problem now is that in all my Joomla websites (I don't use others for the moment) I'm stuck cause I cant use FTP from the Joomla adm panel.
I always get this message



* JFTP::login: Unable to login
* JFTP::write: Unable to use passive mode
An Error has occurred! Unable to open configuration.php file to write!


Strange is that I can login to filezilla with user and pass but not in Adm panel from the Joomla websites.

I guess there is something changed within the last two days (maybe php version, or something in root server security)

Someone who had same problemq?

[vheeds]

You should correct user name and password of your ftp they are in "site"menu
site>global configuration>server>ftp setting and also make sure to use the passive mode ftp

[jamiro911]

You should correct user name and password of your ftp they are in "site"menu
site>global configuration>server>ftp setting and also make sure to use the passive mode ftp

Hello. I guess you mean the FTP backup in main/backup/configure backup? That is on enabled.
I also corrected name and password in ftp setting of joomla. I used the same as I use in Filezilla. Because strange enough I can go on FTP with Filezilla, but not en joomla admin panel. Even if I set configuration.php on 777

I took a support ticket on Way to the Web Limited and this is what they told me.

Danny Wauters
Posted On: 28 May 2010 10:41 AM
Hell, since my dedicated server had a cPanel service package I can't integrate FTP on any website I'm hosting.
I always get this messages

* JFTP::login: Unable to login
* JFTP::write: Unable to use passive mode
* JFTP::delete: Bad response
* JFTP::write: Unable to use passive mode

* Er is een fout opgetreden! Kon configuration.php bestand niet openen om te schrijven! (cant open configuration.php to write)


when I change permissions on configuration.php to 777 it doesn't help
I've downloaded the file and changed it myself but doesn't helped.

Can it be something on the server because before the service it worked all well.

greatz

Jonathan
Posted On: 28 May 2010 10:19 PM
Are the scripts trying to connect out on the server via FTP? If so, you might need to ensure Passive Mode is enabled. If the script is always connecting to the same destination, you could try whitelisting the destination IP address in csf.

You might also need to check the Apache error log (/usr/local/apache/logs/error_log) when using such scripts incase the issue is with the script using a disabled PHP function.

Danny Wauters
Posted On: 29 May 2010 7:54 AM
I found it under main/backup/configure backup and enabled it, but it didn't worked. Still got the message


* JFTP::login: Unable to login
* JFTP::write: Unable to use passive mode

Message

* An Error has occurred! Unable to open configuration.php file to write!

Jonathan
Posted On: 29 May 2010 9:23 AM
You need to go through each of the suggestions I made. The passive mode setting would be in whatever PHP script you're using. The most important thing is to check the apache error log.

We don't provide support for web scripts, so there's little more help I can provide.

this thing is difficult for me to understand

If the script is always connecting to the same destination, you could try whitelisting the destination IP address in csf.

You might also need to check the Apache error log (/usr/local/apache/logs/error_log) when using such scripts incase the issue is with the script using a disabled PHP function.

[Spiral]

when I change permissions on configuration.php to 777 it doesn't help
I've downloaded the file and changed it myself but doesn't helped.

If your server's PHP is anything other than DSO (Apache Module) based then you cannot set any file or folder on your web site to 777 permissions and doing so will actually break your scripts and could break your web site completely.

DSO based PHP is less used these days primarily because of it's inherent security problems that are actually quite extreme and most servers deployed new are build primarily with SuPHP as the PHP base.

Under SuPHP you don't need anything set to '777' and can safely ignore any program installation instructions telling you to set '777' permissions.

[jamiro911]

Would it be helpful if I show my info.php?

[Spiral]

Would it be helpful if I show my info.php?

For what should be obvious security reasons, I would not recommend publicly posting your phpinfo screen or a link to it.

However, if you want to send me the link by private message, I would be happy to take a look at the for you and tell you what I see.

[jamiro911]

For what should be obvious security reasons, I would not recommend publicly posting your phpinfo screen or a link to it.

However, if you want to send me the link by private message, I would be happy to take a look at the for you and tell you what I see.

PM Sent with the link

[Spiral]

PM Sent with the link

I received your pm with the link but the page at the URL you sent does not exist.

However the default 404 "File Not Found" page was every bit just as informative and, I am now very glad you chose to follow the advice to send the link to your phpinfo page (albeit missing) by private message. The fact that Apache is providing full signatures itself alone shows a lack of any significant effort to security harden the server but given what is actually in the that signature line is even more alarming:

Code:

Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.7 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.8b

Legacy telnet is actually active on this server.

Same goes for inbound ICMP.

SSH is on the standard default port with open password access

Port scans of the server indicate no active firewall with many ports open and no apparent signs of filtering of any kind and many vulnerable and exploitable server applications noted as well as two active server ports known to be associated with a specific rootkit exploit as well.

Moreover, your Cpanel is a very old outdated version as well!

If this is how the server looks from the outside, I'm almost a bit afraid to see how the server looks on the inside.

... cause my other server was hacked twice and I didn't want that to happen again.

It's no surprise whatsoever you got hacked twice!

Someone supposedly did a "security checkup"? I think not!

I have your email and will follow up with you more on this outside the forums.

[Infopro]

So what was this then from the first post, a different server?

..Since two days company Way to the Web Limited did a security check up, cause my other server was hacked twice and I didn't want that to happen again...

[jamiro911]

So what was this then from the first post, a different server?

No. I did a reinstall of the server, which installs cpanel from itself. Cpanel seems to be 6 years old...
Server is from OVH.

Totally outdated

[Infopro]

No. I did a reinstall of the server, which installs cpanel from itself. Cpanel seems to be 6 years old...
Server is from OVH.

Totally outdated

You're missing my point, if you had chirpy do a security checkup as you say, there is no way spiral would have found what he says he did.

[jamiro911]

You're missing my point, if you had chirpy do a security checkup as you say, there is no way spiral would have found what he says he did.

indeed. this was after the reinstallation of the server.
First I had the new server with the securtity checkup. But because some errors and no one could help me, I did a reinstall (without a security checkup again)