Comments

Upgrade permissions — 2 Comments

  1. I’m guessing the problem is one of ownership.

    when Apache creates a file, it is owned by the Apache user (usually ‘apache’ or ‘httpd’), but when you upload a file through FTP, it’s owned by the user you’ve uploaded through.

    in order for Apache to change a file you’ve uploaded, your file permissions must be relaxed to allow other users (apache or httpd) to edit them.

    I can think of two solutions off-hand.

    1. add your user to the same group as the Apache user, and change the ownership of the uploaded files so its group is that group. then you can relax the permissions to 0775 instead of 0777. Not perfect, but a tiny bit more secure.
    2. you can change the Apache server to run each site using the username associated with the site. for example, if this site is located in /home/apipeandakeyboard/public_html (or whatever), then it would run using the username “apipeandakeyboard”. This involves esoteric magic.

    Either way, neither solution is perfect – maybe it’s best to just accept the few minutes of insecurity instead of potentially breaking the whole server?

  2. So you have found my quiet ‘other corner’ of the Internet, Kae?!

    Both of those look a little messy (especially as I don’t have admin permissions on the server), so I suppose I will just have to grin and bear it.

    I wonder how others do it though? After all, WP is suppost to be written for Joe Soap, and not server administrators?

    Thanks for the response – I will give it a little thought……

Leave a Reply

Your email address will not be published. Required fields are marked *