I'm setting up lots of wordpress install on ubuntu. Digital Ocean suggest running these commands to grant Wordpress permissions in order to be able to update, download plugins etc:
sudo chown www-data:www-data * -R
sudo usermod -a -G www-data linux_user_name
src: https://www.digitalocean.com/community/tutorials/how-to-set-up-multiple-wordpress-sites-on-a-single-ubuntu-vps
I've been running everything as the root user, and I'm concerned these commands are not the most secure way of doing this. Is there a better way, without having to run commands for every domain?
Many thanks.
Ideally you don't want to be doing everything as root as when Wordpress runs it won't be running as the root user on the Ubuntu box meaning that you'll probably run into problems when trying to install plugins and updates.
This is because the default Apache user will be www-data and is the user you should be using to setup folders and permissions in which to install and run Wordpress. If you are managing permissions for each domain, use www-data in the root folder i.e. public_html and the sub folders will be set to the www-data user. There are loads of good tutorials on digital ocean for just this, I'd try getting setup with www-data as you'll run into a lot less issues going forwards.
Related
I have an AWS EC2 (Ubuntu Server 18.04 LTS (HVM), SSD Volume Type) on Apache with a working WordPress site on it.
If I run sudo chown -R ubuntu:ubuntu /var/www/html, then I can edit files via SFTP and save them, but not update my plugins.
If I run sudo chown -R www-data:www-data /var/www/html, then I can update my plugins but not edit files via SFTP and save them.
How can I update my plugins and edit my files without having to run the corresponding command each time?
I have already run sudo chmod -R 755 /var/www/html.
The permissions seems correct to me. Did you install a ftp server in the ec2 instance?
As you don't mention that, I guess you will have to install one than use credentials in wordpress to connect. Here's one guide to install and configure ftp at ubuntu
http://gabrielmagana.com/2014/11/installing-ftp-server-vsftpd-on-an-amazon-ec2-ubuntu-14-04-host/
If I remember correctly, you can set the owner of the directory to www-data. Then add user Ubuntu to the www-data group.
sudo adduser www-data ubuntu
To be clear on some things, I have tried:
going into config.php and inputting define FS_Method, FTP_Base, FTP_Content_Dir, FTP_Plugin_Dir, FTP_User, FTP_Pass, FTP_Host, FTP_SSL
setting file permissions to 755 on wp-content, wp-content/uploads, wp-content/plugins
Things I do not have access to: cpanel, file manager, ubuntu, commands, SSH credentials.
I have spoken to my web host (it is a shared host account), and they will not provide me info on SSH. The only backend I have access to is wordpress admin and FTP through FileZilla or WinSCP. The web host has declared this issue to be in my court and refuses to help me out (unless I want to be charged a hefty fee).
Now, the issue is updating plugins. I can activate and deactivate plugins. But I can't install, delete or update plugins. Originally, the issue was "can't create directory" but then I changed define(FS_METHOD) to ftpsockets. Originally it was direct. (ftpext did not work whatsoever).
NOW the issue is "Update Failed: Could not copy file. all-in-one-wp-migration/all-in-one-wp-migration.php" for the plugin All-in-one WP Migration.
Can anyone help me out or point out what I'm doing wrong?
check your disk quota , the space assigned to your account , it looks like you may be overquota and hence the updates are failed.
As other posts indicate, the root cause is a permissions problem in /var/www/html/wordpress. In my case, I used Microsoft document https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-lamp-stack to install LAMP in Azure on Ubuntu 18.x LTS. I set the app to use the SFTP plugin for updates & uploads per https://wordpress.org/plugins/ssh-sftp-updater-support/. Then I changed permissions in as needed to the directories 'plugins themes upgrade uploads', group www-data (I used top to determine this, but other tools will do the trick), 775 on directories and 664 on files. Of course the user ID used to SFTP files had to be added to the www-data group on the system. I DID NOT set permissions to 777 as some have suggested in other posts and blogs.
Your situation may vary for required group ownership permissions. So analyze accordingly.
And best of luck.
Get your webhost to do this or you can do it yourself if you have SSH access
sudo usermod -aG www-data $USER
sudo chown -R www-data:www-data /var/www
sudo chmod -R 774 /var/www
you may want to revert back to the default: prevent writeable
sudo chmod -R 755 /var/www
I know there are bunch of posts all over the internet about the WordPress permissions, but I am facing an issue I can't explain from the other posts. I am running debops WordPress on Ubuntu 16.04 with nginx.
Basically my updates within WordPress are failing, I am getting the "Could not create directory error". So I checked the permissions, and they are all correct (755 for the directories, 644 for the files).
Furthermore I checked that nginx is actually running as www-data user, which it does:
ps aux|grep nginx|grep -v grep
Shows that nginx is running as www-data.
To verify the permissions, I tried:
sudo -u www-data mkdir test
which worked and created the test directory.
Then some other posts made me think it has to do with a FTP configuration, most of them point to the vsftpd.conf file, but I don't have vsftpd installed (though I am able to connect via sftp to the ubuntu machine).
Question: What other reasons might cause this issue? Technically, WordPress has all the permissions to create it's directories.
Ok I found the problem:
nginx was indeed running as www-data user, but that wasn't the issue. From the debops issues I found that the correct user who should own the WordPress directory is the 'wordpress' user, not www-data.
chown wordpress:wordpress /var/www/ -R
Now everything works well with the updates.
I'm using Wordpress on localhost, but I can't upload photos. They seem broken and won't show, although they are created in wp-content/uploads/2014/01 folder. This folder has 755 mode, too. What am I doing wrong?
755 give read and execute permissions to group and others but not write permissions
I also find that sometimes its not enough for files/folders to have write permissions with wordpress you sometimes need to give your server ownership of the directory - if its going to regularly be reading and writing to it.
e.g. if apache is server on debian or debian derivative try:
sudo chown -R www-data wp-content/uploads/2014
(replace www-data with whatever user your server runs as)
I am trying to upload a file in wordpress using the Media > Add New -- Option but when I click upload I get the following error:
Unable to create directory wp-content/uploads/2012/11. Is its parent
directory writable by the server?
I have Wordpress 4.3.1 installed.
Thank you
EDIT:
I am on a shared server with: host=i686-redhat-linux-gnu and Apache. I changed the permissions to 755 and 777 of wp-content/uploads but I get the following error:
“my_file.jpg” has failed to upload due to an error Unable to create
directory wp-content/uploads/2012/11. Is its parent directory writable
by the server?
Any ideas?
You need to set folder permissions for /uploads/ and possibly for /wp-content/ , too.
Typically, both folders should be 755. You may have to temporarily raise /uploads/ to 777 and upload an image (this will also force the server to change the folder permissions and user to the correct settings), but change it back to 755 right away.
It's easiest to set permissions with an FTP client. See Filezilla and FTP Clients « WordPress Codex.
And see Changing File Permissions « WordPress Codex for the correct Wordpress permission settings:
From the codex.wordpress: Typically, all files should be owned by your user (ftp) account on your web server, and should be writable by that account. On shared
hosts, files should never be owned by the webserver process itself
(sometimes this is www, or apache, or nobody user).
Any file that needs write access from WordPress should be owned or
group-owned by the user account used by the WordPress (which may be
different than the server account). For example, you may have a user
account that lets you FTP files back and forth to your server, but
your server itself may run using a separate user, in a separate
user group, such as dhapache or nobody. If WordPress is running as the
FTP account, that account needs to have write access, i.e., be the
owner of the files, or belong to a group that has write access. In the
latter case, that would mean permissions are set more permissively
than default (for example, 775 rather than 755 for folders, and 664
instead of 644).
ssh in and navigate to the wp-content folder and type in these 2 lines:
sudo chown -R www-data uploads/
sudo chmod -R 755 uploads/
or you can use the static and full path:
sudo chown -R www-data /var/www/wp-content/uploads/
sudo chmod -R 755 /var/www/wp-content/uploads/
Do not change it to permissions 777 because that is simply insecure
I had the same problems last week. After trying all proposed solutions with no success, it occurred to me that we had SElinux enabled on the server. In my case, and maybe for many other people, SElinux was responsible of the error message:
Unable to create directory wp-content/uploads/2013/04. Is its parent directory writable by the server?
My solution is based on the one proposed here: http://doc-ok.org/?tag=selinux which could be more suitable to other people's needs.
In my case, my wordpress directory resides in my home folder on the server, to which I have ssh access. Otherwise you will have to ask your administrator.
Anyway, this is my solution.
chgrp -R apache wordpress #change wordpress with your base directory for wp..
#alternatively, chown the whole directory to apache
chmod -R 774 wordpress/wp-content #if chown by apache, the permissions can be more restrictive
In my case not only the folder ownership / group ownership had to be changed to apache. Also the SElinux label of wp-content directory had to be changed to either httpd_sys_rw_content_t or httpd_sys_content_t:
chcon -Rv --type=httpd_sys_content_t wordpress/wp-content
This did the trick for me.
More information on SElinux can be found for example at:
wiki.centos.org/HowTos/SELinux
and
fedoraproject.org/wiki/SELinux
The /wp-content/uploads directory needs to be writeable by your webserver. Assuming that you are using Apache on Linux, and that it is running as user apache (change to your appropriate user) one quick fix for this would be to run the following command from your web root.
chown -R apache.apache wp-content/uploads
chmod -R 755 wp-content/uploads
I faced the same issue and I found a better solution:
go to cpanel > phpmyadmin
select database
open wp_options table
make sql query SELECT * FROM wp_options WHERE option_name LIKE '%upload_path%'
change the path
this should fix it.
sudo chown -R www-data:www-data wp-content/uploads
Do not change the permissions to 755 if it's not necessary.
If it still doesn't work try:
chmod -R 755 wp-content/uploads
this works for me, after many weeks headache
sudo chown -R apache uploads
sudo chmod -R 755 uploads
assuming you're in wp-content
for those who stumbled on selinux permission issue, here are the steps i made to fix them. We need to allow the following selinux boolean variables to allow installing of wordpress plugins from wordpress admin console using FTP. They are httpd_can_network_connect and ftpd_full_access. They can be activated by
setsebool ftpd_full_access on
setsebool httpd_can_network_connect on
also wp-content folder should be write permissible for the ftp user used for uploading.