How can I fix permissions with Wordpress file uploads?

Hello, I had previously set up my server with this guide:

Basically, I set wordpress to use the wp-user, and set the wp-user to own the entire html directory. Another thing I did was to add my main user to the wp-user group, so I could edit files in the html directory on my FTP client.

Now, I have another wordpress installation running on a subdirectory of the html directory. I told it to use the same user and authentication as the first installation – but it didn’t work. Theme installation would be fine, for some reason, but media uploads are impossible. It just says “could not create directory …”

After messing with it quite a lot, I’ve managed to screw up media uploads on my first installation. Again, theme installs work fine. But media uploads have a different error on the first installation: ‘The uploaded file could not be moved…’

All files and folders in the html directory are owned by wp-user, and have a group of wp-user. Folders all have a permission of drwxr-xr-x, and files all have a permission of -rw-r–r–.

No idea what’s happening here. Any ideas?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

A nice script can be found here that will set all your WordPress permissions based on the user, group and web root you specify.

# This script configures WordPress file permissions based on recommendations
# from
# Author: Michael Conigliaro
WP_OWNER=changeme # <-- wordpress owner
WP_GROUP=changeme # <-- wordpress group
WP_ROOT=/home/changeme # <-- wordpress root directory
WS_GROUP=changeme # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage .htaccess
touch ${WP_ROOT}/.htaccess
chgrp ${WS_GROUP} ${WP_ROOT}/.htaccess
chmod 664 ${WP_ROOT}/.htaccess
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;

I would recommend resetting your permissions and then from there checking the ownership and your configuration.