-2

The site www.bethazore.com is having a couple of error messages come up when trying to login to the admin-

Warning: file_put_contents(/home/content/37/10812537/html/wp-content/themes/novelty/custom-style.css) [function.file-put-contents]: failed to open stream: Permission denied in /home/content/37/10812537/html/wp-content/themes/novelty/functions.php on line 66

Warning: Cannot modify header information - headers already sent by (output started at /home/content/37/10812537/html/wp-content/themes/novelty/functions.php:66) in /home/content/37/10812537/html/wp-includes/pluggable.php on line 875.

I got some help here. I'm not sure how to fix it, it's a bit too complicated for me here but this is what they said Warning: Cannot modify header information - headers already sent by ERROR - can anyone help?

Community
  • 1
  • 1
savourmedia
  • 11
  • 2

1 Answers1

2

Let's analyze this error word by word:

file_put_contents(/home/content/37/10812537/html/wp-content/themes/novelty/custom-style.css)

Right, so we're running file_put_contents, and it's accessing that file.

failed to open stream: Permission denied

But it's not allowed to do what it wants to do with that file, which is writing for that function.

in /home/content/37/10812537/html/wp-content/themes/novelty/functions.php on line 66

And that's where it was called.

So, you now know where the error was generated, what is causing it, and what it's trying to do. The problem is of course that Apache doesn't have permissions to overwrite that file.

Run the following in your console:

chmod 777 /home/content/37/10812537/html/wp-content/themes/novelty/custom-style.css

Or set it to mode 777 in your control panel, and you should be fine.

Niels Keurentjes
  • 41,402
  • 9
  • 98
  • 136
  • On a standard shared hosting box your files are always readable by other users, as all users run under the same Apache user. The real threat is that this makes the file writable, but another user would have to know your username and that you are on the exact same cluster to exploit it. Unfortunately there's no other way to facilitate self-modifying code like this, it's all too common in Wordpress and its crappy themes. – Niels Keurentjes Dec 06 '14 at 01:26
  • On this file it is fine, since it is intended for public access. However it is probably worth putting forward a warning that using `777` permissions should be done with caution elsewhere in a WP file structure, since it can open up permissions to other customers in shared hosting environments that weaken security (e.g. make database passwords readable). – halfer Dec 06 '14 at 01:26
  • Agreed - I modified my comment after noticing this was a public file! Some hosts do use suExec, but yes, it's hard to get this right on shared hosting. – halfer Dec 06 '14 at 01:28