Related

Subdomain with different DocumentRoot Question Question
You don't have permission to access / on this server. Wordpress multiple sites Ubuntu Question Question

Question

Apache permissions with WordPress on CentOS 7

Posted December 29, 2015 11.3k views
ApacheWordPress

I’ve set up dozens of CentOS servers before, so this one is baffling me to say the least…

I’ve got a “nothing fancy” LAMP stack running on a CentOS 7 droplet. I’ve got a VirtualDirectory configuration running a WordPress site that I’ve run on other hosts for many years, and it’s never given me a problem before. I’ve transferred it here, and have tried to install a plugin through the UI.

I get the “FTP login” screen (which I’ve never seen before). I’ve tried using chmod -R g+w on the wp-content folder (which I’ve never had to do before), I’ve set define(‘FS_METHOD’, 'direct’); as well. I’ve tried setting the apache user SSH keys. None of them solve my problem.

I thus must assume that I’ve got an Apache and/or a UNIX user config issue. But I can’t seem to find it.

Any pointers and/or hints would be greatly appreciated!

Cheers,
Geoff

Add a comment
gsowrey
By:
gsowrey
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
eris December 30, 2015

Hi Geoff,

The permissions you need will depend on which user Apache is running as. I found this article from Smashing Magazine, a while back, which does a great job at explaining exactly which permissions WordPress needs in order to run properly. I recommend it a lot in Support tickets, as well as to my friends who are seeing that dreaded FTP upload screen. Hopefully it helps you out!

The main takeaway from it is, on a VPS like your Droplet:

www-data (or whichever group the webserver is running as) should have group permissions for all of the WordPress files.

All files should be 664
All directories should be 775
wp-config.php should be set to 660, so “other” users cannot see sensitive information in that file.

Of course, this is only for a private environment like your Droplet. If you’re using the droplet to host multiple users, you’ll need a slightly different setup (also detailed in the article I linked above).

I hope that helps. Please let me know if you need any further help with this. :)

Best,
Eris
Platform Support Specialist

Reply Report
  • gsowrey December 31, 2015

    Hi Eris,

    In principle, I agree with you, but I have the difficulty of understanding why I’d need different permissions than with other hosts I’ve used. This should be something I should be able to configure through Apache and/or UNIX user perms, no?

    (Side note: I made “apache” own everything, with a common group, which does solve my current problem. This still perplexes me, though.)

    Cheers,
    Geoff

    Reply Report
    • eris December 31, 2015

      Hey Geoff,

      You shouldn’t need different permissions than with other hosts you’ve used. A Linux system is a Linux system. But it also depends on those hosts’ configurations. If you were using a shared host, it’s going to be different.

      For instance, with mod_privileges you can have each VirtualHost run as a specific user. On a previous host, your Apache process may have been running as the same user you log in as, so it’d have owner permissions.

      On most machines, Apache runs as www-data:www-data, but the files will be owned by whichever user you upload the files as. If you want to continue to be able to edit those files without chowning them each time, they can continue to be owned by you, but you’d need to grant group permissions to, for instance, Apache, and make sure the files are group-writable.

      Best,
      Eris
      Platform Support Specialist

      Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help