Upgrade permissions

A Pipe and a Keyboard Posted on by

I have a wee problem that I find quite irritating.

I look after a number of blogs, all running WordPress, and running on a mix of servers.  On a fairly regular basis, plugins, or even the core code needs to be updated and that is fine.

My problem arises with the plugins.  In order to do an automatic upgrade, I have to go into each server in turn and change permissions on the “wp-content” directory, from 755 to 777.  After the upgrade, I have to remember to revert to 755 again.  Failure to do this results in a message telling me that the update could not download to the temporary directory.

Is there a way around all this faffing with permissions?  Is there a plugin or something that will automate the process?

It’s not exactly a critical problem, but a resolution would make life a little easier!

Comments

Upgrade permissions — 2 Comments

  1. I’m guessing the problem is one of ownership.

    when Apache creates a file, it is owned by the Apache user (usually ‘apache’ or ‘httpd’), but when you upload a file through FTP, it’s owned by the user you’ve uploaded through.

    in order for Apache to change a file you’ve uploaded, your file permissions must be relaxed to allow other users (apache or httpd) to edit them.

    I can think of two solutions off-hand.

    1. add your user to the same group as the Apache user, and change the ownership of the uploaded files so its group is that group. then you can relax the permissions to 0775 instead of 0777. Not perfect, but a tiny bit more secure.
    2. you can change the Apache server to run each site using the username associated with the site. for example, if this site is located in /home/apipeandakeyboard/public_html (or whatever), then it would run using the username “apipeandakeyboard”. This involves esoteric magic.

    Either way, neither solution is perfect – maybe it’s best to just accept the few minutes of insecurity instead of potentially breaking the whole server?

    Reply

  2. So you have found my quiet ‘other corner’ of the Internet, Kae?!

    Both of those look a little messy (especially as I don’t have admin permissions on the server), so I suppose I will just have to grin and bear it.

    I wonder how others do it though? After all, WP is suppost to be written for Joe Soap, and not server administrators?

    Thanks for the response – I will give it a little thought……

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags allowed in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>