-1

I have my WordPress site newly hosted on a small Linux box with Nginx. Nginx runs as the user www-data just like apache, so I have the entire public_html directory owned by www-data so that WordPress can upload media files, install new plugins, etc.

My question is how can I setup the public_html directory so that a user logged in via SFTP can upload or edit files? I tried doing 

chown -R myUserName:www-data public_html

but that didn't work.

WebDevDude
  • 151
  • 3
  • 7

1 Answers1

1

One thing is setting the owner and group - but you need to define whether or not the user and/or group can write.

This will do what you are asking

find /path/to/public_html -type d -exec chmod 775 {} \;
find /path/to/public_html -type f -exec chmod 664 {} \;

However, you don't want your webserver to be able to write to everything on a Wordpress installation.

You want to figure out exactly what directories you need to be writable by reading the Wordpress hardening guide

If you do not do this, rest assured that your site will be hacked at some point. Not necessarily defaced or changed, but attackers often just use a little space on your site to store a phishing page - which can be a pain to fix.

Celso Bessa
  • 145
  • 7
Frands Hansen
  • 4,657
  • 1
  • 17
  • 29
  • If the server is not writable to the WordPress install directory, then automatic updates will never work. I had already set the permissions on file, but this changes nothing. – WebDevDude Dec 02 '12 at 20:23
  • Those commands will set all files and folders to be writable by user and group. And the group is www-data as you set with your chown, thus giving www-data write access to the files. – Frands Hansen Dec 02 '12 at 21:48