Wordpress Directory Permission to allow uploads, plugin folders, etc

Question

Possible Duplicate:
What are the best linux permissions to use for my website?

I have a wordpress pre-made site which were developed on my localmachine, and i uploaded it too a vps running on debian6, using nginx, mysql, php. Following this guide:

1) Create an unprivilaged user, this could be say 'karl' or whatever, and make them belong to the www-data group. So that if I were to login as karl and create a web root in say /home/karl/www/ , all the files will be owned by karl:www-data

2) Set up nginx as the user www-data in nginx.conf

3) Set up PHP-FPM to run as www-data

4) Place your files in /home/karl/www/[domain name maybe]/public_html/, upload as 'karl' so you don't have to chown everything again.

when i type ls -l inside public_html/ it shows that all the files inside are owned by karl:karl. But the public_html directory is owned by karl:www-data.

I chmod 0755 the folder wp-content but i still get the error:

ERROR: Path ../wp-content/connection_images does not seem to be writeable.

I know i shouldn't set it too 777 due to security reason, how should i set it too proper permission? and what should i set also to allow my users to upload,write posts,edit articles?

Sorry for my english by the way.

Did you do "chmod -R 755"? So that connection_images is also 755? — StuR, Dec 04 '12 at 10:12

score 3 · Answer 1 · answered Dec 04 '12 at 09:50

If this is the only website on the machine - I suggest renaming your unprivileged 'karl' account to something that relates to the wordpress website, and then running your NGINX and PHP-FPM servers as this user. This means that files modified by you, and files modified by the web server wind up owned by the same account.

Obviously you want to ensure that the account can't do things like run sudo. This link (http://codex.wordpress.org/Hardening_WordPress) is a good read for learning what permissions Wordpress requires on what folders.

I'm planning to host another website.. though – user1015958 Dec 04 '12 at 10:19 — user1015958, Dec 04 '12 at 10:19

score 1 · Accepted Answer · answered Dec 04 '12 at 10:17

I believe you added the karl into www-data group, but whenever you will create a file it will be create with permission karl:karl, but you need karl:www-data.

For that remove karl user from the karl group.

Also, as the group is doing the writing here, you need to put the permission 0775, for wp-content folder. I believe once you change the permissions for all the folders inside wp-content, the upload will work.

Wordpress Directory Permission to allow uploads, plugin folders, etc

2 Answers2