Installation problem – wp-admin/install.php wont load

Yes I should have viewed the domain, but it still is not the security risk you are claiming.

agree with whooami on this
777 permissions are a huge security risk
but can we move on as this is not what the OP signed on for?

Absolutely – we should move on, although I do think it is useful for all people to understand that they can experiment with permissions on their server in order to try and resolve problems. I think you were right, in that it does look like a server config issue. Something I should have seen by looking at the link.

As for 777 security. The word world or all refers to the server and not the greater outside world. In order for it to be a security issue, there would need to be access above that particular directory, such as an application / script or FTP.

There are indeed millions of directories set to 777. Any security issue is confined within that directory, the issue is relative to that directory and still requires some kind of access. Password and User ID.

This issue is done to death on thousands of websites: Google: what are 777 security risks.

https://www.google.com/#hl=en&q=what+are+the+777+security+risks&aq=f&oq=&aqi=&fp=AYh9MvVRflg

I do think it is useful for all people to understand that they can experiment with permissions on their server in order to try and resolve problems.

and No-ONE said otherwise.

As for 777 security. The word world or all refers to the server and not the greater outside world.

Both Sam and I are aware of that. really.

there would need to be access above that particular directory, such as an application / script or FTP.

thats not exactly correct and I CAN demonstrate it.

A typical setup:

/
/home
/blah

all dirs are owned by root.

inside /home lets put

/home/you

and /home/me

you own /home/you and I, of course, own /home/me

You chmod /home/you to 777 and I assure you that I, being “me”, can cd into the /home/you/ directory, ls -la and proceed to edit your files.

if thats NOT a security risk to you, you need to rethink something.

Furthermore, that simplemachines says that 777 isnt an issue — is the same exact crap that the people that decided to suggest that everyone make wp-content/ world-writable so that theme files could be edited, etc.. etc.. like to toss out every once in a while.

Crap.

This btw, is demonstrated over and over again, by php shells uploaded to a single users directory that wrek fsking havoc on other user’s sites.

That there are millions of sites set up this way doesnt further your argument that it’s somehow or remotely safe.

I think I may understand what you are saying – again correct me if I am wrong.

Are you saying that someone else on a shared server, could cd across. So in such circumstances, it would be another client who already has access to the shell on the same server would cd across, then ls and edit files?

Which is conceivable – but as likely as being hit by a bus in this particular circumstance. And still would not be a major security risk as the website had not been installed. Which brings me back to the process of elimination. One stage at a time… which I tried to allude to – and naturally admitted that if I had followed the link would have seen for myself that it was not a permission issue.

Long and winded affair, but what do you think the odds are of what you describe actually happening.

Ok thanks for all the advice its been emotional LOL

turns out that Sam was right and it was due to me being on MSSQL not MYSQL

I have since changed this and the install screen loads however…..

I am now stuck on;

https://www.pauljunior.co.uk/wp-admin/install.php?step=2

It will not accept any password I enter into this step of the install

jeez ive setup up three of these so far and by far this has been the most troublesome