Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 03-09-2011, 11:44 PM   #1
Registered: Nov 2009
Distribution: All flavors...
Posts: 37

Rep: Reputation: 1
Wordpress permissions on Linux server.

I have question regarding setting permissions on wp-content/uploads... in wordpres. I read a tutorial where they want you to set permissions:

chown -R julie.julie uploads/
chmod -R 777 uploads/

777 makes it rwx for others as well. It's not secure! It works but is temporary fix.

How I can make sure that the user julie (wordpress) will be able to write to it but anybody else wont.

Set a sticky bit on the folder? Which one?

Running Cent OS so is in chroot jail.

Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 03-10-2011, 12:55 AM   #2
Registered: Jun 2004
Location: Inland NW, US
Distribution: Ubuntu
Posts: 366
Blog Entries: 1

Rep: Reputation: 44
Old 03-10-2011, 09:14 PM   #3
Registered: Nov 2009
Distribution: All flavors...
Posts: 37

Original Poster
Rep: Reputation: 1
Originally Posted by jrtayloriv View Post
Thanks...I know how to set permissions. The question is "How the properly set permissions on /wp-content/uploads/" in case of linux" if I set it 777 the others can rwx so is it ok? Wont somebody just delete the pics etc what is in there?


Last edited by peterson.julia; 03-10-2011 at 09:17 PM.
0 members found this post helpful.
Old 03-10-2011, 10:15 PM   #4
LQ Guru
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 15,532
Blog Entries: 25

Rep: Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485Reputation: 4485
I don't think you need to worry about the local permissions.

On a hosted site, /wp-content/uploads is not normally open to the public. It is used when a logged in WP user with appropriate WP rights desires to upload content using one of the upload/insert functions that appears above the post text field.

Unless you have enabled public ftp access to that directory, it should be available only to someone with a WP login and appropriate rights (for a linked upload using the built-in uploader) or to an ftp login with access to that directory. If it is available to public ftp, the thing to do is turn off the public ftp.

I have public ftp access turned off with my hosting service. The only way to ftp to my site to use my personal ftp username and pword.

In other words, if your server security is set properly, the local rights on that directory are a non-issue. If people can't get in the front door, they won't get in the closet.

And if a bad guy is sitting at your server doing bad stuff at the keyboard, you have security problems far more serious than permissions issues.
2 members found this post helpful.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Wordpress Server Silver565 Linux - Server 2 04-20-2010 01:03 AM
Wordpress server iso druisgod Linux - Server 3 10-18-2009 08:15 AM
how to allow wordpress to send email from server cucolin@ Linux - Server 4 08-01-2008 02:42 PM
Permissions for Wordpress vital_101 Ubuntu 3 10-03-2006 06:53 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:21 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration