LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Apache2 - Ubuntu 16.04 - Wordpress Permissions (https://www.linuxquestions.org/questions/linux-server-73/apache2-ubuntu-16-04-wordpress-permissions-4175648831/)

mwx 02-22-2019 06:51 AM

Apache2 - Ubuntu 16.04 - Wordpress Permissions
 
Trying to find a definitive, authoritative answer on setting user/group permissions to allow Wordpress to update without having to resort to using their FTP update options.

As things stand - all of the files and directories in the document root (/home/user/public_html)are owned by user:user - and serve just fine from a web point of view.

But when a Wordpress plugin needs to be updated, or WP itself - it can't create directories or write files automatically. Many articles on the web suggest changing the ownership of everything in the document root to apaches user (www-data). It's not correct - and isn't the way most web hosts are configured.

I've already gone through individual folder permissions to no avail. I know there is a setup where it works correctly - as cPanel and web hosts have the correct setup the world over - which allows a virtual host to update files and folders under their own username.

I just haven't figured out the correct user/group configurations to allow the one-click updates to function as intended. And there seems to be a lot of disinformation, or at least hackish at best answers out there. Or I'm missing the correct search string to pull up the correct configuration options.

Thanks.

scasey 02-22-2019 09:33 AM

WordPress is definitly a PITA.
I have found this helpful https://codex.wordpress.org/Hardening_WordPress

mwx 02-22-2019 09:50 AM

Well - as much as I'd like this to NOT descend into a debate about the pros and cons of WP... I'm more concerned with user/group permissions which allow the application to function as intended i.e. one click updates and downloads. Whether or not WP stinks is up for discussion on more than one thread in the world...

ondoho 02-22-2019 10:01 AM

Quote:

Originally Posted by mwx (Post 5965405)
Many articles on the web suggest changing the ownership of everything in the document root to apaches user (www-data). It's not correct - and isn't the way most web hosts are configured.

i disagree on both points.
why do you say that?

also, what's wrong with wordpress.org documentation? i hear it's pretty expansive - wouldn't that be "definitive, authoritative"?

scasey 02-22-2019 10:10 AM

Quote:

Originally Posted by mwx (Post 5965482)
Well - as much as I'd like this to NOT descend into a debate about the pros and cons of WP... I'm more concerned with user/group permissions which allow the application to function as intended i.e. one click updates and downloads. Whether or not WP stinks is up for discussion on more than one thread in the world...

That wasn't my intention. I just find it challenging to work with.

Some of the directories need to have their permissions adjusted for updates to work. Which are explained in the link I sent. I don't have them memorized (yet). I have to go to that guide for every new WP installation I work on.

Yes, there are some "guides" that just say to change all permies to that of the Apache user. While that would work, it is not, in my experience, necessary...or wise. Please review the "hardening" documentation. It is definitive and expansive and comprehensive. Lots to wade through, but all your answers are there, I'm confident.

Please come back here with any further questions.

mwx 02-22-2019 10:19 AM

Thank you - and I will. I just find the litany of info, much of which is as you state, "unwise", to be pretty frustrating. I know there are people and or hosts, and groups like cPanel - who have figured out some solid configurations. I was just wondering if they existed someplace... Spent way too many nights beating my head against a wall...

mwx 02-23-2019 09:14 AM

Well... I've given it a look - and I have no idea what in that article can even come close to touching what I have going on.

scasey 02-23-2019 09:26 AM

Quote:

Originally Posted by mwx (Post 5965962)
Well... I've given it a look - and I have no idea what in that article can even come close to touching what I have going on.

Start here:
Quote:

Core Directories / Files
File Permissions

The default permission scheme should be:

Folders - 750
Files - 640

There a number of ways to accomplish this change. There are also a number of variations to these permissions that include changing them to be more restrictive. These however are the default recommendations. Check with your host before making permissions changes as they can have adverse affects on the performance and availability of your site.

Avoid having any file or directory set to 777.

You can read more about WordPress updates and file ownership on the Updating WordPress codex page.
Also see the link to the Updating WordPress codex page there.

I said it was daunting and a PITA...but this documentation is comprehensive.

Why do you not want to use the FTP update options? That is by far the easiest way to manage things.

mwx 02-23-2019 09:31 AM

Quote:

Originally Posted by scasey (Post 5965969)
Why do you not want to use the FTP update options? That is by far the easiest way to manage things.

You know - I might have to move over to that way of thinking... But when you've gotten used to simply clicking and moving on with your life...
The problem for me is that I'm not a big fan of not knowing... I don't like just giving up and walking away...

scasey 02-23-2019 09:36 AM

Quote:

Originally Posted by mwx (Post 5965972)
You know - I might have to move over to that way of thinking... But when you've gotten used to simply clicking and moving on with your life...
The problem for me is that I'm not a big fan of not knowing... I don't like just giving up and walking away...

That's not a bad thing...but to know, you need to learn.
Wade through the Wordpress.org documentation. I'm sorry it's not easier, but it is what it is.

mwx 02-23-2019 09:42 AM

The maddening part - is that I had it working just fine... then I uploaded a few files of my own via FTP - and the server immediately started asking for credentials. It's like there's something running in the background - changing the rules of the game the moment you do something it doesn't like...

mwx 04-21-2019 09:27 AM

So - I had to post back and revive this thread in hopes that it will save the next guy a lot of trouble.

The problem: Wordpress "One Click Update" and plugin installs or updates not functioning correctly and prompting for FTP credentials rather than operating as intended.

The problem when looking for a solution: While most articles on the web and even the WP Codex talk about ownership and permissions bases resolutions, many of the online hacks don't work or are wholly insecure in their application. I have yet to come across any posts which discuss the role PHP plays and making sure it has the proper permissions and or user/group assignments in order to allow the application to function.

The solution: (for me at least) Was to dig and dig and dig for the last 2 months until I finally came across the information I needed concerning PHP-FPM (in this case 7.2) and that it also needs to be configured with the appropriate values for "user = your_username" "group = your_username" "listen.owner = your_username" and "listen.group = your_username".

All of this is pretty apparent once you get into the PHP-FPM conf file. Its default group value was apache - which gave it out of the box functionality - but the conf file lacked the information which allowed write access to the WP files and folders. Once it was set correctly things worked just fine. It would have been nice along the way if any post I found had mentioned to start looking in that direction in the first place.

My major hangup was that for a new user who's just learning their way around the inner workings of LAMP stacks - it's not always readily apparent that one must dig deeper into PHP workers in order to figure out what's "broken" when everything else seems to be working. Given all of the articles online, a new guy or gal is forced to beat their head against a wall for days trying to diagnose mystical file and folder permissions issues which may in fact not even exist, chmod-ing and chown-ing into a bottomless well where the stone rarely ever hits bottom...

For me it finally did - but only once I had the right nugget to point me in the proper direction. People's mileage may vary depending on their PHP setup - but for me this was the way to get WP to work the way I've seen it work on many other hosts before. It only became a problem when I started deploying my own instances.

So - thank you for listening.


All times are GMT -5. The time now is 04:38 AM.