LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 06-19-2011, 12:58 PM   #1
GTBlackwell
Member
 
Registered: Aug 2003
Location: MO, USA
Distribution: Mandrake 9.1/9.2(Laptop)
Posts: 117

Rep: Reputation: 15
Question Wordpress asking for ftp credentials


I host a number of sites and recently migrated to a new server (both old and new are running Ubuntu 10.04 [I only upgrade my web server when there is a new LTS release]). After the migration, Wordpress is asking for ftp credentials to update plugins, which it never used to do. I'm certain this is user/group/permissions related, but because of the new setup, I'm not sure what these should be set to.

On the previous server, each site was a subdirectory of /var/www/ and everything was owned by www-data. This wasn't the best setup, since it meant my users didn't have direct access to their own sites. In the new setup, each page I host is in /home/username/www/. Consequently, all the files are owned by 'username'.

My guess is that Wordpress' request for ftp credentials stems from a conflict between the apache2 user and the usernames that own the sites. Is this accurate? If so, how do I rectify this?
 
Old 06-19-2011, 02:56 PM   #2
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,217
Blog Entries: 23

Rep: Reputation: 279Reputation: 279Reputation: 279
Hi,

Okay, beforehand, I want to apologise if my answer is incorrect or beside the point.

I run a private server as well, users need to upload/update their stuff on that server. It runs VSFTPD. So, I have set the conf in such a way that the user (who has an account on the server of course) is chroot/jailed into her/his own folder. The /var/www/ has symlinks to each folder, the rest means you'd have to mount the symlink from the /var/www folder to the user's folder individually. One mount action per user on the server.
That could give you the same ease as before, but the added security. I asume (asume being the scream here) wordpress wants to get tuned in per user...

At any rate, that's how I'd go about it...

Again, luck and apologies if in any chance I posted besides the point...but this challenge was way too interesting to just let is go...

Luck

Thor
 
Old 06-19-2011, 06:55 PM   #3
GTBlackwell
Member
 
Registered: Aug 2003
Location: MO, USA
Distribution: Mandrake 9.1/9.2(Laptop)
Posts: 117

Original Poster
Rep: Reputation: 15
I hadn't thought of that setup, and it might be worth a shot. If it is a permissions problem, though, I'm not sure this will rectify it. While the symlink from /var/www/ to the user's directory itself would have the right permissions, everything past that would still be owned by the user. This would be a quick solution to test though, so I'll give it a try.
 
Old 06-19-2011, 07:23 PM   #4
GTBlackwell
Member
 
Registered: Aug 2003
Location: MO, USA
Distribution: Mandrake 9.1/9.2(Laptop)
Posts: 117

Original Poster
Rep: Reputation: 15
Well, I changed the sites-available page for one of my sites to direct connections to the symlink in /var/www/, but no change. Wordpress still asks for ftp cedentials when updating plugins. :-/ Any other suggestions?
 
Old 06-19-2011, 10:35 PM   #5
GTBlackwell
Member
 
Registered: Aug 2003
Location: MO, USA
Distribution: Mandrake 9.1/9.2(Laptop)
Posts: 117

Original Poster
Rep: Reputation: 15
Smile Solved?

Okay, so I think I found an acceptable workaround:

Instead of directing apache to a symlink in /var/www, I went a completely different (and actually much-simpler-to-implement) route. I moved the sites back into their respective owners' home directories, but changed the permissions to the following:

drwxrwx--- 5 www-data username 4096 2011-06-19 12:46 www

This way, apache's user owns the file, so Wordpress doesn't have any problems updating plugins or new worpress upgrades, and since the site's directory belongs to the user's individual group and the group has full privileges on the directory (and all the files/subdirectories within it), they can still treat it like their own directory.

This setup appears to work, save for one thing: Wordpress admins can't delete plugins. I'm not sure why that is, but I'm also okay with it for now.

Additionally, I'm not sure that I haven't, by doing it this way, opened up some massive vulnerability without realizing it. Any thoughts?

Last edited by GTBlackwell; 06-19-2011 at 10:36 PM.
 
  


Reply

Tags
apache2, file permission, ftp, migration, wordpress


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
another one with openldap bad credentials jonniebigodes Linux - Software 24 04-11-2010 03:28 PM
Ldap_bind: Invalid credentials olasamuel Linux - Newbie 1 10-28-2009 10:57 AM
ldap invalid credentials finsh Linux - Server 4 12-12-2007 12:11 PM
LDAP_BIND: Invalid Credentials rupesh_pulikool Linux - Software 0 02-01-2005 01:27 PM
different credentials alaios Linux - General 2 10-03-2004 02:03 PM


All times are GMT -5. The time now is 08:03 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration