I wanted to use WP-CLI commands in my putty WordPress 5.5.1 & Ubuntu 20.04 Droplet but “When I use Wp commands without --allow-root then It shows an error that you are accessing as the root user,” and I know it’s un-secure to use --allow-root. Please Can anyone help me in accessing wp commands in my Putty without --allow-root.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello, @newwayelegant
Could you please let me know if the root user is the only available user on your droplet? What you can do is to create additional user and switch to it in order to use the wp-cli. The new user should have writable access to your website’s files.
Hope that this helps! Regards, Alex
To use WP-CLI commands securely without using the --allow-root flag in your Ubuntu 20.04 droplet, you’ll need to configure a non-root user with appropriate permissions to access and manage your WordPress files. Here’s how you can set this up:
Step 1: Create a New User
- Connect to your server via SSH using Putty as the root user.
- Create a new user. Replace
usernamewith the desired username:
adduser username
- Follow the prompts to set the password and other details for the new user.
Step 2: Add User to the Web Server Group
Your web server (usually Apache or Nginx) runs under a specific user group, commonly www-data for Apache on Ubuntu. Adding your new user to this group will help manage file permissions effectively.
usermod -aG www-data username
Step 3: Set Proper Permissions
To ensure that your new user has the correct permissions to manage the WordPress files, you should adjust the permissions of your WordPress directory. Assuming your WordPress is installed in /var/www/html, you can do the following:
- Change the ownership of the WordPress files to
www-data(web server) while granting write access to your user group:
chown -R www-data:www-data /var/www/html
- Set directory permissions to 775 and file permissions to 664 to allow group write permissions:
find /var/www/html -type d -exec chmod 775 {} \;
find /var/www/html -type f -exec chmod 664 {} \;
Step 4: Configure SSH Access for the New User
For better security, it’s recommended to use SSH keys instead of passwords:
- On your local machine, generate an SSH key pair if you haven’t already:
ssh-keygen
- Copy your public key to the server under the new user. Replace
usernameandserver_ipwith your actual username and server IP:
ssh-copy-id username@server_ip
Now, try logging in with the new user:
ssh username@server_ip
Step 5: Use WP-CLI as the New User
Now, log in to your server with the new user account
ssh username@server_ip
Navigate to your WordPress directory:
cd /var/www/html
You should now be able to use WP-CLI commands without needing to use --allow-root:
wp plugin list
Additional Tips
- Regularly update WP-CLI: To keep WP-CLI up-to-date, you can run
wp cli updateperiodically. - Use WP-CLI from anywhere: To run WP-CLI from any directory, make sure the WP-CLI path is included in your user’s
$PATHenvironment variable.
By following these steps, you can safely use WP-CLI commands without using the root user, enhancing the security of your WordPress site on your DigitalOcean droplet.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.