I'm using Amazon EC2. I'm on Ubuntu 16.04. I'm also using Apache 2. I have WordPress installed on my server.
I do:
chown -R ubuntu /var/www/html
so I can edit my files as ubuntu via FTP. But the problem is now WordPress cannot edit files, update, or upload any files via WordPress. But if I do:
chown -R www-data /var/www/html
then it works.
Any way I can make it work for both ubuntu and www-data at the same time, without always switching it?
Thanks!
I have done this before, exact same scenario.
You'll need a group with ubuntu and any other users in it, call it wordpress for instance.
# do this as root
groupadd vpsusers
gpasswd -a ubuntu wordpress
gpasswd -a www-data wordpress
etc....
then you want to use a base user (ubuntu) and the group as the owner of the folder.
# again as root
chown -R ubuntu:wordpress /var/www/html
final step make the group writable
# again as root
chmod -R g+w /var/www/html
Related
I have this deployments architecture that deploy scalable WordPress using Amazon ECS containers. These are based from official WordPress image; The containers also mount an Amazon EFS file system on /var/www/html/wp-content mainly to host plugins and themes. The reason is because some plugins write files inside the wp-content directories, and I'd like the containers to have access to that files.
There is also bastion EC2 instance host so that I can access the EFS directory to make modifications and sync to locally.
The problem is I couldn't write the EFS directory without sudo-ing as www-data.
$ssh -i private_key.pem ubuntu#$BASTION_HOST
$touch /var/www/html/wp-content/test.txt
touch: cannot touch '/var/www/html/wp-content/test.txt': Permission denied
$sudo -u www-data bash # Access bash as www-data user
$touch /var/www/html/wp-content/test.txt
$ls -al /var/www/html/wp-content/test.txt
-rw-rw-r-- 1 www-data www-data 0 Aug 12 01:08 /var/www/html/wp-content/test.txt
What I want to achieve is that I want to do rsync the plugin in my local development both to and from the wp-content directory.
I tried the command below
rsync -av -e "ssh -i private_key.pem" content/plugins ubuntu#$BASTION_HOST/var/www/html/wp-content
but it failed.
I also tried as www-data, just for sure.
rsync -av -e "ssh -i private_key.pem" content/plugins www-data#$BASTION_HOST:/var/www/html/wp-content
I tried rsync to other directory, though, and it works.
rsync -av -e "ssh -i private_key.pem" content/plugins www-data#$BASTION_HOST:/home/ubuntu/sync
I wanted to change the permission of the /var/www/html/wp-content in the bastion to ubuntu, but the last time I did it, the WordPress containers couldn't write to the NFS directory; so the safest way is to keep the permission intact.
What did I miss?
Update 1
I tried adding ubuntu user into www-data in the bastion server.
$ sudo usermod -aG www-data ubuntu
$ cat /etc/group | grep www-data
www-data:x:33:ubuntu
$ touch /var/www/html/wp-content/test.txt
touch: cannot touch '/var/www/html/wp-content/test.txt': Permission denied
Still doesn't work.
Great problem description.
Clearly there's a permissions issue, so I'll suggest the first thing to look at and assume you don't already have that covered.
Is the default ubuntu user a member of the www-data group?
Being a member of that group could give the required privilege levels.
To add the ubuntu user to the www-data group, allowing it/you to write to the mounted web directories while ssh'ed into the Bastion server:
sudo usermod -aG www-data ubuntu
To remove a user from a group:
sudo gpasswd -d ${USER} www-data
You'll have to test whether the ssh server on the bastion host will allow you to, say rsync files into the mounted web directories from your local development host. That might be a configuration issue in the bastions /etc/ssh/sshd_config file.. not sure, haven't tried, but one to look at next if necessary. Good luck.
I have an AWS EC2 (Ubuntu Server 18.04 LTS (HVM), SSD Volume Type) on Apache with a working WordPress site on it.
If I run sudo chown -R ubuntu:ubuntu /var/www/html, then I can edit files via SFTP and save them, but not update my plugins.
If I run sudo chown -R www-data:www-data /var/www/html, then I can update my plugins but not edit files via SFTP and save them.
How can I update my plugins and edit my files without having to run the corresponding command each time?
I have already run sudo chmod -R 755 /var/www/html.
The permissions seems correct to me. Did you install a ftp server in the ec2 instance?
As you don't mention that, I guess you will have to install one than use credentials in wordpress to connect. Here's one guide to install and configure ftp at ubuntu
http://gabrielmagana.com/2014/11/installing-ftp-server-vsftpd-on-an-amazon-ec2-ubuntu-14-04-host/
If I remember correctly, you can set the owner of the directory to www-data. Then add user Ubuntu to the www-data group.
sudo adduser www-data ubuntu
I am trying to set up wordpress on digitalocean with nginx. I am running into permissions issues though. When I upload a file or try to install a plugin I get the cannot create in directory warning. So I came across the post Here that says I need to give nginx access to the folder. So I executed the following:
sudo chown -R www-data:www-data /path/to/folder
sudo chmod -R 755 /path/to/folder
This works except now I cannot add and delete files with filezilla. Obviously because the permissions to the folder are no longer with the me the user they are now with www-data.
So my question is what is the correct way to configure nginx to work with wordpress and still allow me to upload and delete files with ftp.
When using digital ocean droplets you will probably be using sftp access to your server.
Try the following commands in your terminal when logged in.
Add your currently logged in user to the www-data group:
sudo usermod -aG www-data $USER
Then change your vhost directory and all files and subdirectories to be owned by www-data group:
sudo chown -R www-data:www-data /var/www
Set the proper permissions so you can upload files via sftp, manage files via command-line, and upload plugins and media directly in WordPress:
sudo chmod -R 774 /var/www
Hope this helps
Saskia
I have installed a LAMP server (Ubuntu) on a VPS and everything seems to be running fine. After uploading and installing WordPress I ran into a couple of rights issues (not being able to upload, not being able to create/change the .htaccess file from within WordPress, the usual) so I chmod the directory so the www-data user is owner:
sudo chown -R www-data:www-data /var/www/domain.com/public_html/
Now all of the above works fine, but...
When I upload a file or directory the owner/group is set to the user I'm using to "FTP" with. This results in WordPress not being able to update the files (e.g. a plugin). The user I'm using for FTP transfer is part of the www-data group.
What should/can I do to prevent this and thus automagically add the www-data owner/group to uploaded files? And is this the way to go?
Think I found it: https://help.ubuntu.com/lts/serverguide/httpd.html
Sharing Write Permission
sudo chgrp -R www-data /var/www/domain.com
sudo find /var/www/domain.com -type d -exec chmod g=rwxs "{}" \;
sudo find /var/www/domain.com -type f -exec chmod g=rw "{}" \;
I'm hosting a wordpress site on ec2 and I'm trying to update my theme through the admin screen. Its asking me for Hostname and ftp username and password. Is ec2-xxx.compute-1.amazonaws.com:22 my hostname? I tried along with ec2user and root for my ftp username but no luck. What am I doing wrong?
Skip the FTP info altogether and just change the permission of the directory structure where Wordpress is installed.
VIA SSH
sudo chown -R apache:apache path/to/wordpress
sudo makes sure you execute as the root user
chown will change the owner of the directory
-R will make it recursive, so it changes all files and directories within
apache:apache is user:group
And then the path to wordpress. Could be /var/www/html/sitename.com or if you navigate to the folder where Wordpress is installed, you can use a period (.) to tell it to change the current directory.
This will make is so that you can't copy files via sftp though, so it is good to change at least the themes directory back to the ec2-user:ec2-user user and group.
So this changes back to your ssh/sftp user:
sudo chown -R ec2-user:ec2-user path/to/wordpress
You can assign the folders to the ftp user and the apache group and then make them group writable as well. This will allow you to ftp into the directory, and allow everything to be auto updated within Wordpress.
// Set the wp-contents into the apache group and then make files group writable
sudo chgrp -R apache wp-content
sudo chmod -R g+w wp-content
// This makes new files created in wp-content and all of its sub-directories group-writable.
sudo chmod g+s wp-content
Then add this to wp-config.php to force Wordpress to update when only applying this wp-content:
define('FS_METHOD', 'direct');
You can also apply to the whole Wordpress install to auto update Wordpress and not just plugins/themes. If you do this, I would recommend putting your wp-config.php file one directory above your Wordpress install though, so you can lock it down separately.
EDIT: Whenever I am having permission troubles on EC2, I go to site root directory, and paste these lines in. I apply it to the whole Wordpress install these days:
sudo find . -type d -exec chmod 0755 {} \;
sudo find . -type f -exec chmod 0644 {} \;
sudo chown -R ec2-user:apache .
sudo chmod -R g+w .
sudo chmod g+s .
I use something similar on my Mac as well.
In your wp-config.php under directives add this line:
define('FS_METHOD', 'direct');
You can simply solve this problem by doing this via ssh:
sudo chown -R apache path/to/wordpress
then
sudo chmod -R 755 path/to/wordpress
Your hostname would be ec2-107-20-192-98.compute-1.amazonaws.com.
Your username will be the username you use to SFTP to the instance normally - ec2user for some instance types, ubuntu for Ubuntu AMIs, etc. EC2 generally doesn't use passwords, preferring SSH keys, so you'll have to set a password for your account by doing passwd on the commandline.
Try adding FTP credentials to wp-config.php: http://codex.wordpress.org/Editing_wp-config.php and http://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants
That should make WP admin stop asking for FTP details. But depending on how you've set up permissions via the command line, may have to go to the command line to edit files like wp-config.php . And you may not have sufficient permissions to upload and for WP to unzip a theme.
As per other answers, I use SFTP with a server of ec2-xx-xxx-xx-xx.compute-1.amazonaws.com username of ec2-user
ec2-107-20-192-98.compute-1.amazonaws.com:22 represents both the hostname and the ssh port. (SSH is normally on port 22, though it can run on any port.)
Try just ec2-107-20-192-98.compute-1.amazonaws.com in the hostname field.
I'm still skeptical of a webpage asking for a username and password. Seems a bit silly to me, since you should just use SFTP to directly upload whatever content you want using your SSH identity key instead of a password.
You could simply use 127.0.0.1 as hostname and check FTP in Wordpress ftp settings.
To resume what has been said:
user is the same you actually use to SSH/SFTP
password needs to be set/updated logging in via SSH and typing
sudo passwd your-user-name