LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 02-22-2019, 06:51 AM   #1
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Rep: Reputation: 0
Apache2 - Ubuntu 16.04 - Wordpress Permissions


Trying to find a definitive, authoritative answer on setting user/group permissions to allow Wordpress to update without having to resort to using their FTP update options.

As things stand - all of the files and directories in the document root (/home/user/public_html)are owned by user:user - and serve just fine from a web point of view.

But when a Wordpress plugin needs to be updated, or WP itself - it can't create directories or write files automatically. Many articles on the web suggest changing the ownership of everything in the document root to apaches user (www-data). It's not correct - and isn't the way most web hosts are configured.

I've already gone through individual folder permissions to no avail. I know there is a setup where it works correctly - as cPanel and web hosts have the correct setup the world over - which allows a virtual host to update files and folders under their own username.

I just haven't figured out the correct user/group configurations to allow the one-click updates to function as intended. And there seems to be a lot of disinformation, or at least hackish at best answers out there. Or I'm missing the correct search string to pull up the correct configuration options.

Thanks.
 
Old 02-22-2019, 09:33 AM   #2
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.5
Posts: 2,560

Rep: Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873
WordPress is definitly a PITA.
I have found this helpful https://codex.wordpress.org/Hardening_WordPress
 
Old 02-22-2019, 09:50 AM   #3
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Original Poster
Rep: Reputation: 0
Well - as much as I'd like this to NOT descend into a debate about the pros and cons of WP... I'm more concerned with user/group permissions which allow the application to function as intended i.e. one click updates and downloads. Whether or not WP stinks is up for discussion on more than one thread in the world...
 
Old 02-22-2019, 10:01 AM   #4
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 11,040
Blog Entries: 7

Rep: Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778Reputation: 2778
Quote:
Originally Posted by mwx View Post
Many articles on the web suggest changing the ownership of everything in the document root to apaches user (www-data). It's not correct - and isn't the way most web hosts are configured.
i disagree on both points.
why do you say that?

also, what's wrong with wordpress.org documentation? i hear it's pretty expansive - wouldn't that be "definitive, authoritative"?
 
1 members found this post helpful.
Old 02-22-2019, 10:10 AM   #5
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.5
Posts: 2,560

Rep: Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873
Quote:
Originally Posted by mwx View Post
Well - as much as I'd like this to NOT descend into a debate about the pros and cons of WP... I'm more concerned with user/group permissions which allow the application to function as intended i.e. one click updates and downloads. Whether or not WP stinks is up for discussion on more than one thread in the world...
That wasn't my intention. I just find it challenging to work with.

Some of the directories need to have their permissions adjusted for updates to work. Which are explained in the link I sent. I don't have them memorized (yet). I have to go to that guide for every new WP installation I work on.

Yes, there are some "guides" that just say to change all permies to that of the Apache user. While that would work, it is not, in my experience, necessary...or wise. Please review the "hardening" documentation. It is definitive and expansive and comprehensive. Lots to wade through, but all your answers are there, I'm confident.

Please come back here with any further questions.
 
Old 02-22-2019, 10:19 AM   #6
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Original Poster
Rep: Reputation: 0
Thank you - and I will. I just find the litany of info, much of which is as you state, "unwise", to be pretty frustrating. I know there are people and or hosts, and groups like cPanel - who have figured out some solid configurations. I was just wondering if they existed someplace... Spent way too many nights beating my head against a wall...
 
Old 02-23-2019, 09:14 AM   #7
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Original Poster
Rep: Reputation: 0
Well... I've given it a look - and I have no idea what in that article can even come close to touching what I have going on.
 
Old 02-23-2019, 09:26 AM   #8
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.5
Posts: 2,560

Rep: Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873
Quote:
Originally Posted by mwx View Post
Well... I've given it a look - and I have no idea what in that article can even come close to touching what I have going on.
Start here:
Quote:
Core Directories / Files
File Permissions

The default permission scheme should be:

Folders - 750
Files - 640

There a number of ways to accomplish this change. There are also a number of variations to these permissions that include changing them to be more restrictive. These however are the default recommendations. Check with your host before making permissions changes as they can have adverse affects on the performance and availability of your site.

Avoid having any file or directory set to 777.

You can read more about WordPress updates and file ownership on the Updating WordPress codex page.
Also see the link to the Updating WordPress codex page there.

I said it was daunting and a PITA...but this documentation is comprehensive.

Why do you not want to use the FTP update options? That is by far the easiest way to manage things.
 
Old 02-23-2019, 09:31 AM   #9
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by scasey View Post
Why do you not want to use the FTP update options? That is by far the easiest way to manage things.
You know - I might have to move over to that way of thinking... But when you've gotten used to simply clicking and moving on with your life...
The problem for me is that I'm not a big fan of not knowing... I don't like just giving up and walking away...
 
Old 02-23-2019, 09:36 AM   #10
scasey
Senior Member
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.5
Posts: 2,560

Rep: Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873Reputation: 873
Quote:
Originally Posted by mwx View Post
You know - I might have to move over to that way of thinking... But when you've gotten used to simply clicking and moving on with your life...
The problem for me is that I'm not a big fan of not knowing... I don't like just giving up and walking away...
That's not a bad thing...but to know, you need to learn.
Wade through the Wordpress.org documentation. I'm sorry it's not easier, but it is what it is.
 
Old 02-23-2019, 09:42 AM   #11
mwx
Member
 
Registered: Jan 2009
Location: Virginia, USA
Distribution: CentOS - Ubuntu
Posts: 67

Original Poster
Rep: Reputation: 0
The maddening part - is that I had it working just fine... then I uploaded a few files of my own via FTP - and the server immediately started asking for credentials. It's like there's something running in the background - changing the rules of the game the moment you do something it doesn't like...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Docker with wordpress/mysql/nginx, no styles in wordpress E-Kami Linux - Server 2 01-23-2018 02:41 PM
LXer: WordPress Plugin Tutorial ó How To Install WordPress Plugins LXer Syndicated Linux News 0 12-09-2015 09:10 AM
Apache2 Configuration or Wordpress Configuration: Wordpress index.php not loading khun Linux - Newbie 5 05-18-2012 08:26 AM
how to install pre existing wordpress directory on a existing wordpress to run a web ajbardhan Linux - Software 3 04-28-2012 07:01 PM
Ubuntu + Apache2 + Wordpress Silver565 Linux - Server 8 12-15-2011 01:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 01:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration