This has to do with media uploading in Wordpress.
Every time WP creates a folder for new uploads (it organizes uploads by year and month: yyyy/mm), it creates it with the "apache:apache' user and group, with full access to all (777 or drwxrwxrwx).
However, after that, WP cannot create a folder within that folder (e.g.: mkdir 2011 succeeds, but mkdir 2011/01 fails). Also, uploads cannot be moved into these newly created folders even though the permissions are 777 (rwxrwxrwx).
Once a month, I have to chown the newly created folders to be the same as user:group as the rest of the files. Once I do that, uploading works fine (which doesn't make sense to me The really frustrating part is that this problem doesn't exist in other WP installs on other domains on the same server.
* I wasn't sure if this should be here or on serverfault.
Edit: The containing directory /.../httpdocs/blog/wp-content/uploads has the correct ownership
drwxrwxrwx 5 myuser psaserv 4096 Jun 3 18:38 uploads
This is a Plesk/CentOS environment hosted by Media Temple (dv).
I've written the following test script to simulate the problem
<pre><?php
$d = "d" . mt_rand(100, 500);
var_dump(
get_current_user(),
$d,
mkdir($d),
chmod($d, 0777),
mkdir("$d/$d"),
chmod("$d/$d", 0777),
fileowner($d),
getmyuid()
);
The script always creates the first directory mkdir($d) successfully. On domain A, where the WP problem is, it cannot create the nested directory mkdir("$d/$d"). However, on domain B, both directories are successfully created.
I am running each script at /var/www/vhosts/domainA/httpdocs/tmp/t.php and /var/www/vhosts/domainB/httpdocs/tmp/t.php respectively I checked the permissions on tmp, httpdocs, and domain[AB] and they are the same for each path. The only thing that differs is the user.
A solution is to use FastCgi. This makes PHP run as the user who owns the site. New files and folders will be the same user and group. This will solve your problem.
There is a performance penalty to FastCgi but you get some added security as it restricts php. If you are hosting multiple website with multiple users this could be a good idea.
Try going to your miscellaneous settings page (or media depending on your version) and make sure the upload directory is still wp-content/uploads.
If you need to. set the full url too.
Also, as a final solution, disable the option to organize them into folders so that way WordPress doesn't even need to create folders.
Check for a setuid or setgid bit on a directory above the 2010 directory. ls -l will have an s or S in the permissions for the directory. Make sure this directory has the correct ownership.
Try to create directory recursive with mkdir($d, true)
<pre><?php
$d = "d" . mt_rand(100, 500);
var_dump(
array(
get_current_user(),
$d,
mkdir($d,true),
chmod($d, 0777),
mkdir("$d/$d", true),
chmod("$d/$d", 0777),
fileowner($d),
getmyuid()
)
);
I had a similar issue with Joomla recently, and solved the problem by adding myuser into the apache group, and add apache into the psaserv group.
One of our websites on a Media Temple DV was having this problem. Turning PHP Safe Mode off solved it. The directories were still created as apache:apache, but the media files were allowed in there.
One thing that occurred to me - WP will tell you that it can nto copy file to /wp-content/upload even when all permissions are right.... if
upload_max_filesize
in php.ini is too small (say 2M and you try to upload 3.5MB file)!
Hope that helps all thsoe who have right permissions but still can not upload!
You shouldn't need 777 on your directories, 775 at most should be sufficient. Just make sure it's set on the uploads directory with 755 for all the other directories above.
Also, you could try to chown it to www-data, sometimes that helps when your ftp user that you are logged in as when changing the permissions once a month doesn't have sufficient access level and owning the directories by that user prevents the server from being able to write into them.
Lastly, as someone has pointed out above, you may need to up the upload size limit along with making sure other file upload related php.ini settings are correct:
http://php.net/manual/en/ini.core.php
http://kb.mediatemple.net/questions/137/How+can+I+edit+the+php.ini+file%3F#dv
One common cause, often overlooked, is the disk quota, ie have you run out of disk space.
Related
I've recently moved my WP site from godaddy to a physical sever using windows server 2012 R2.
But I'm having problem uploading files using the Admin panel, After uploading the file, I can see it physically on the server (wp-content\upload\2017\10)
But I can't see it on the website it self.
I can only see the file if I'm changing it permissions on the server it self.
I've changed the permissions to the folder, I gave full access to the relevant users. But still, it doesn't work for new files\pictures I'm uploading via the wp admin panel
Edit:
I've notice that every time I come to change the folder permissions the permissions under CREATOR OWNER are always empty, Is it Related ?
Thank you very much for the help
When you upload a file, PHP sends the file to a temporary directory on your server's hard drive (usually C:\Windows\Temp) and then copies it over to the proper directory. Once the file has is initially put in the temporary directory, it gets the permissions of that directory. The problem is when Windows moves that file to the proper place, it keeps the temporary directory’s permissions, which can cause access problems.
The way to fix this is to change the temporary directory to a folder within your WordPress installation, usually wp-content/upgrade.
To do this, follow these directions:
Find your php.ini file.
Find the upload_tmp_dir line, and change it to the wp-content/upgrade folder.
Browse to this folder and verify that the permissions are set properly.
You should then have the ability to properly view all your images. You'll most likely need to select all the previous selected images, and change the owner of the files to the web folder owner. Then you should be good to go!
If you can’t upload an image at all, it’s probably because you need to give the IUSR account Read/Write/Modify permission on your wp-content folder. This will allow you to upload, and do the WordPress & plugin updates.
Once you have done that, all you need to do is give the IIS_IUSRS group Read permissions on your “C:\Windows\Temp” folder.
Make sure to notice that the two permission changes you make are not for the same user/group. Give IUSR permissions on your wp-content folder and IIS_IUSRS permissions on your Windows temp folder.
Note: If you have edited your php.ini file and change the upload temp directory then you will need to give IIS_IUSRS group read permissions on that folder instead.
That should do it, or at least it worked for me.
http://chris.wastedhalo.com/2011/01/wordpress-upload-permissions-on-iis-7-fix/
I find myself coming back to this question time after time when images I add to the Media Gallery don't have the correct permissions in the WordPress Uploads folder. Since I develop WordPress sites locally, it would be a pain to set permission on the Uploads folder every time I work on a new site.
To fix this, I created a folder "C:\Websites\Temp" without messing around with permissions or security settings, etc. Then in MAMP, I edited the php.ini template of the PHP version I was using for this site, php7.3.0.ini (File, Edit Tempate, PHP). I then set upload_tmp_dir to "C:\Websites\Temp":
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
upload_tmp_dir = c:\websites\temp
and voila, no more permission issues.
Well, a few years later, found this post. Tried it. Failed.
Other solution is to assign a specific user to the site in IIS and apply the right permisions to the folder containing the site.
I've moved my wordpress installation from a managed VPS to a new centos server.
Now I've a problem with writing to files directly from the wordpress admin panel.
Folders/files are set with 755/644. User owner is "wwwuser", group is "apache" (I use this one to access to the documentroot via ftp).
I think that the problem is that in /etc/httpd/conf/http.conf I've user and group setted both to "apache", in fact everything works if I change permissions to 775/664, which should mean that when the group owner is setted to apache everything work, right?
So my question is, should I change all permissions to 775 or there's another solution, which doesn't lead to security issues? Is it safe to make all folders and files 775 and 664? What if I change "apache" to "wwwuser" from /etc/httpd/conf/http.conf?
Edit: is it possible that the problem is that in phpinfo, environment pwd is set to /home/wwwuser/test and not to /home/wwwuser/?
I would advise to not change the user Apache is running under (to not edit the Apache config file) but to set apache as the owner of the files.
chown -R apache /path/to/your/app/files
I think it's the easiest solution. If you choose to change the permissions, you shouldn't have to change the permissions for everyone (other): you could change to 774 but I don't see why 775.
By default Apache is running under the apache user on CentOS.
This is a very common problem you are facing right now. Some times files/directories created/uploaded with FTP may have been assign a different users/usergroup. As #Céline Aussourd stated, if you have installed plugin from WordPress then all files and directories will get the default user/usergroup.
Now easiest way to identify which user should be assigned to your files is create a single test file using CPanel file manager called "test.php" and access it from web if it is working then check its user/usergroup and change all your setup files to that user/usergroup all together with
chown -R {user} /path/to/your/worpress/root
Replace {user} with apache web user.
UPDATE: (To install plugin without FTP details)
Please add following line to your wp-config.php after define('WP_DEBUG', false); line.
define('FS_METHOD', direct);
Remove plugin and re-install it, this time it wont ask you for FTP details and will write files directly.
For me, the solution was to add the mod_suexec apache module
I get this problem now and then, where I use an FTP account given to me by the host and use them in Wordpress FTP. But for some reason when updating themes for example, the new theme gets created under apache/apache and not user/psacln user name/group. So at that point I can't delete or do anything with those files as I am under psacln group.
I would like to find out more about why this may happen to avoid this problem - any suggestions are welcome!
Thanks in advance.
When you upload files via the wordpess admin page (like themes) the httpd process running as the apache user is actually creating them on your system--hence why they are owned by the apache user. I suggest this options to work around this:
Add yourself and apache to a new group called 'wordpress'
Use to change group ownership of your wordpress to the new group
Use set the sgid permission bit and the group write permission to all directories in the wordpress docroot.
The setting of the sgid bit will make all files added to a directory be the same group owner.
Assuming you've added yourself and apache to the same group, here's the linux commands to setup the directories to ensure files get created writable to all in the wordpress group:
chown -R :wordpress /path/to/wordpress/docroot/
chmod -R g+w /path/to/wordpress/docroot/
find /path/to/wordpress/docroot/ -type d -print | while read i; do SAVEIFS=$IFS; IFS=$(echo -en "\n\b");chmod g+s $i; IFS=$SAVEIFS; done
Additional thing that may be needed:
If you see apache creating files with group permissions without write, you may need to change the default umask for the apache user for creation of new files. By default it should be owner and group write allowed, but I know some accounts (like root user) have the default umask set to be group read only.
because apache's worker children run under apache's userid, and a "common user" on a unix system cannot make files be owned by some OTHER user. Only the root account can "give away" ownership.
Why? It'd be trivial for a normal user to make a file owned by root, or owned by another user. If a given system was running with user quotas, this would allow a user to completely subvert the quotas, or deny someone else access by "giving" them a bunch of huge files and exceeding that user's quota.
If you need access to those files, regardless of the unix ownership, you could look into using POSIX acls, which exist above/beyond the unix permissions.
I recently upgraded my Drupal core from 6.15 to 6.26. In the update process, I was asked to make a backup of all my files, then delete the entire Drupal installation from my server, and rebuild it using the supplied files. I then copied all relevant back-up files back to the server from my local machine. The problem I'm having now is that I get a "The directory is not writable" notification whenever I do any sort of action as an admin. Initially, I was getting the error that "sites/default/files" was not writable, but I fixed that, and I changed the permissions on every file in the installation to 755. Why am I getting this error, and how can I fix it?
Although permissions may be set to 755, most likely the directory ownership is set to the wrong user.
Just wanted to add this possibility, which fixed this issue for me after trying many things:
If you're running SELinux (like Fedora), you may have a "security context" issue on /sites/default or /sites/default/files. So even if you open it up using chmod 777 (not a good idea), you STILL get the permission issue.
the fix is (first cd to sites directory):
restorecon -rv default/
I ran this locally as root.
I don't pretend to be an expert on security contexts by any stretch, but Fedora documentation is here.
Hope that helps others avoid my headache!
After finding the permissions problem, you'll probably want to go back and chmod 644 for all files, and 755 for directories (besides the upload folder) just to be safe.
Drupal sometimes create some directories so check if sites/default/files sub directories have the right permissions
You can do it using two possible options:
1. change the owner of files directory and all files inside it to apache user
2. Give 777 permissions recursively to files directory
I am deleting files (wordpress theme files )of my website to the server using cPanel, but still the files are reappearing. The files have a 000 permissions set.
It is strange that files have proper permissions ( i.e. 777) when they are on my local machine, but on uploading they are getting changed to 000. Do you think the site is infected by virus ? I run an Anti-Virus scan, and found none.
Any reason why this may be happening?
chmod 000 denies read, write, and execute permission to yourself, your group, and everyone else.
How are the files uploaded to the server? Your FTP program might me screwing up the files when they are uploaded.
If you have root access you should be able to remove using $ rm -rf filename
Edit
The Umask settings on your server are not right. Setting Umask to 777 will make permissions 000.
If you have shell access you can check for 777 Umask values by running: grep 'umask 777' /etc/skel/.bashrc
If you find anything change the Umask to 022. If you don't have shell access your host should be able to fix this for you.
Instead of using the cpanel uploader use a an FTP program like Transmit for Mac or Core FTP Pro for windows and make sure to always use SFTP which is encrypted instead of FTP.
If you have the option, use FTP to manage your server files. It's more reliable than any web-based client.
If not, try changing permissions through cPanel to 777 before deleting them. If you are unable to do that, then contact the server administrator to resolve the issue (since it looks like a server/cpanel misconfiguraiton).
This is caused by the server recreating folders because you have subdomains or email addresses still attached to the domains related to those folders. Delete the subdomains and emails related to them and those folders will stay deleted.Happened to me before :)
Tim
backup other files in folder then delete folder.
create new folder with previous folder name (that was you deleted) and copy backuped files to it.
This may just work for other users who don't know how to do the techies, or who don't have shell access:
Check to see whether what you want to delete is a FOLDER or a FILE
If it is a FOLDER, check the permissions on that FOLDER and change to 755, do the same if it a FILE and simply delete
The issue here is that you have to open the FOLDER and CHANGE ALL SUBFOLDERS and FILES inside it to permission settings 755.
Delete the files from the inside of the SUBFOLDERS out then to the FOLDERS
This should perhaps help someone.