LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 03-09-2011, 11:44 PM   #1
peterson.julia
Member
 
Registered: Nov 2009
Distribution: All flavors...
Posts: 37

Rep: Reputation: 1
Wordpress permissions on Linux server.


I have question regarding setting permissions on wp-content/uploads... in wordpres. I read a tutorial where they want you to set permissions:

chown -R julie.julie uploads/
chmod -R 777 uploads/

777 makes it rwx for others as well. It's not secure! It works but is temporary fix.

How I can make sure that the user julie (wordpress) will be able to write to it but anybody else wont.

Set a sticky bit on the folder? Which one?

Running Cent OS so is in chroot jail.

Thx
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 03-10-2011, 12:55 AM   #2
jrtayloriv
Member
 
Registered: Jun 2004
Location: Inland NW, US
Distribution: Ubuntu
Posts: 365
Blog Entries: 1

Rep: Reputation: 44
http://codex.wordpress.org/Changing_File_Permissions
 
Old 03-10-2011, 09:14 PM   #3
peterson.julia
Member
 
Registered: Nov 2009
Distribution: All flavors...
Posts: 37

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by jrtayloriv View Post
Thanks...I know how to set permissions. The question is "How the properly set permissions on /wp-content/uploads/" in case of linux" if I set it 777 the others can rwx so is it ok? Wont somebody just delete the pics etc what is in there?

Thx

Last edited by peterson.julia; 03-10-2011 at 09:17 PM.
 
0 members found this post helpful.
Old 03-10-2011, 10:15 PM   #4
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Mageia, Mint
Posts: 8,221

Rep: Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552
I don't think you need to worry about the local permissions.

On a hosted site, /wp-content/uploads is not normally open to the public. It is used when a logged in WP user with appropriate WP rights desires to upload content using one of the upload/insert functions that appears above the post text field.

Unless you have enabled public ftp access to that directory, it should be available only to someone with a WP login and appropriate rights (for a linked upload using the built-in uploader) or to an ftp login with access to that directory. If it is available to public ftp, the thing to do is turn off the public ftp.

I have public ftp access turned off with my hosting service. The only way to ftp to my site to use my personal ftp username and pword.

In other words, if your server security is set properly, the local rights on that directory are a non-issue. If people can't get in the front door, they won't get in the closet.

And if a bad guy is sitting at your server doing bad stuff at the keyboard, you have security problems far more serious than permissions issues.
 
2 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wordpress Server Silver565 Linux - Server 2 04-20-2010 01:03 AM
Wordpress server iso druisgod Linux - Server 3 10-18-2009 08:15 AM
how to allow wordpress to send email from server cucolin@ Linux - Server 4 08-01-2008 02:42 PM
Permissions for Wordpress vital_101 Ubuntu 3 10-03-2006 06:53 PM


All times are GMT -5. The time now is 06:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration