Allowing Wordpress to update/install with SSH Keys

September 17, 2016 133 views
WordPress CentOS


Can anyone help with this.

I am using centOS on a small droplet with a couple of Wordpress installs, I have SSH Keys set up however I don't want to use FTP to allow Wordpress access to auto updates and plugin installs.

There must be a solution for this but I cannot find anything really useful on the net. Any ideas?

1 Answer
xMudrii September 17, 2016
Accepted Answer

You have two options to bypass FTP.

1. First one is using Direct write to wp-content directory

This method doesn't require FRP or SSH, it directly writes to wp-content directory. You must ensure before using this method that you does have sufficient permissions to write to wp-content.
Usually you would go with setting ownership to regular user (e.g. sammy) and group to apache (apache is CentOS equivalent to Ubuntu's www-data).

This is done by following command:

  • sudo chown -R sammy:apache /var/www/html

After you make sure it is setup correctly you will have to change wp-config.php.
Find FSMETHOD and change its value to direct.
It should look like -> `define('FS
METHOD', 'direct);`

2. First one is using SSH/SFTP write to wp-content directory

There is How To Configure Secure Updates and Installations in WordPress on Ubuntu by DigitalOcean.
It is for older version but it still should do its job.
Keep in mind if you are using php7 to use equivalent packages for it.

by Justin Ellingwood
WordPress is the most popular content management system (CMS) on the web currently. While WordPress can be a great way to manage you content, there are some very insecure configurations that are given throughout the internet. This article will cover how to set up secure updates and installations using SSH keys instead of FTP, which is an inherently insecure protocol.
Have another answer? Share your knowledge.