Security Breach Level 1 - Configuration.php

[FrogCF]

Your configuration file is writable. This can be a security risk. We recommend setting the permissions to read only.

Ok, I see the conflict here. Due to Plesk business logic, having file neither readable nor writable by the owner is a potential security threat. And according to the provided error message, WHMCS requires the perticular configuration file being not writable.
Thus, I 've reverted changes back as from the WHMCS's side such permissions can not be used. You may contact them to verify why the permissions should be set to /var/www/vhosts/Your WHMCS Location File/public_html/accounts/configuration.php only as 444. There should definitely be a reason for setting such permissions on purpose In general Plesk recommend to set 755 to folders and 644 to files. One or more files or directories in the root directory of the domain. The 'Domain Name Removed for Security Reasons' are either writable by anyone or neither readable nor writable by the owner. Such permissions are insecure and may result in or indicate a security breach ................... [INFO] - /var/www/vhosts/Your WHMCS Location Files/public_html/accounts/configuration.php.

chmod 644 /var/www/vhosts/Your WHMCS File Location/public_html/accounts/configuration.php

Due to Plesk business logic, having file neither readable nor writable by the owner is a potential security threat. And according to the provided error message, WHMCS requires the particular configuration file being not writable. Thus, I 've reverted changes back as from the WHMCS's side such permissions can not be used.

 verify why the permissions should be set to /var/www/vhosts/Your WHMCS Location Files/public_html/accounts/configuration.php only as 444. There should definitely be a reason for setting such permissions on purpose In general Plesk recommend to set 755 to folders and 644 to files

When you set these permissions to 644 without writable and are either writable by anyone or neither readable nor writable by the owner. Such permissions are insecure and may result in or indicate a security breach ................... [INFO]

You check your WHMCS Control Panel you get the following error.

Insecure Permissions Check Your configuration file is writable. This can be a security risk. We recommend setting the permissions to read only. You can learn more about this in our documentation. 

 

When you set to recommend on WHMCS Page. 

Secure the configuration.php File

We recommend adjusting the permissions for the "configuration.php" file in your WHMCS root directory. This file contains sensitive data that you can't recover without a backup of the file. To avoid accidentally overwriting, editing or deleting the file, change the permission setting of this file to 400. This provides the system with read-only access and prevents anyone else from reading, editing or executing the file.

To change the permissions on this file, you can run the following command while in your WHMCS root directory:

chmod 400 configuration.php

Attention!

Some systems may require you to set the permission to 440 or 444, depending on the server's configuration. Usually, 400 should suffice, but if you encounter an error loading the application after setting the permission to 400, try 440 and then 444.

 

Error messages no longer displays : However ( Plesk displays SECURITY BREACH LEVEL 1

 

Kind Regards, 
Danny - Security Teams.