How do I enable Wordpress to update itself through its back end?

Posted on September 30, 2013

On hosts where I didn’t have the control over the server that I have now, I could update WordPress’ core, plugins, themes and the like from WordPress’ back end. Now, running multiple sites on virtual servers, if I try to update something, I get the following prompt:

“To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed.” Under that are boxes for the Hostname, FTP User, and FTP Password, and then radio buttons for FTP or FTP (SSL).

I’ve tried the IP address of my server, the name of my server, ‘localhost’, and the domain name of the site I’m trying to update - none of which work. I’m able to log in to FTP (SSL) with Cyberduck with user/password when pointing to the server’s IP, but it seems WordPress doesn’t know what to do with that.

Could someone help me fix this problem?




Thanks for the help guys, like I said - I am so stumped.


I would recommend disallowing all writing permissions for the www-data user and using the wp-cli command line tool (http://wp-cli.org/) to update WordPress yourself (or with a cron job). You can also use the wp-cli tool to install themes and plugins. The only times when you need to enable writing for the www-data user is when there is a version update (like from 4.2 to 4.3), otherwise these kinds of upgrades don’t work with wp-cli, but afterwards you can disable writing permission again. On minor version upgrades the command line tool works like a charm.

By doing that, if one of your sites is ever hacked they won’t be able to change any files on the server (like injecting malicious code in PHP files).

I wrote a blog post with security tips for Wordpress: http://html5hive.org/very-simple-tips-to-protect-your-wordpress-site-from-attacks/
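The workflow this answer describes, as an added example that is not the answerer's code: it checks that nothing in a WordPress tree is writable by the web server account, and runs minor updates through wp-cli from the account that owns the files. The install path `/var/www/example`, the `www-data` defaults, and the function names are assumptions; the group check assumes the web user belongs only to its own group.

```shell
#!/bin/sh
# Added example. Assumed values, not from the page: the install path and
# the www-data account names. Override them through the environment.
WP_PATH="${WP_PATH:-/var/www/example}"   # hypothetical install path
WEB_USER="${WEB_USER:-www-data}"
WEB_GROUP="${WEB_GROUP:-www-data}"

# Print every file or directory under $1 that user $2 or group $3 can
# modify: owned by the user with the owner-write bit, owned by the group
# with the group-write bit, or world-writable. Symlinks are skipped
# because their own mode bits are always rwxrwxrwx.
web_writable() {
    find "$1" ! -type l \( \
        \( -user "$2" -perm -200 \) -o \
        \( -group "$3" -perm -020 \) -o \
        -perm -002 \) -print
}

# Return 0 only when the web account can modify nothing under $1;
# otherwise list the offending paths on stderr and return 1.
audit_tree() {
    found=$(web_writable "$1" "$2" "$3")
    if [ -n "$found" ]; then
        printf 'writable by %s:\n%s\n' "$2" "$found" >&2
        return 1
    fi
    return 0
}

# Run from the account that owns the files (not the web user), for
# instance from a cron job. Minor core releases plus all plugins and
# themes are updated, then the tree is audited again.
update_site() {
    wp --path="$1" core update --minor &&
    wp --path="$1" plugin update --all &&
    wp --path="$1" theme update --all &&
    audit_tree "$1" "$WEB_USER" "$WEB_GROUP"
}

# Usage: script.sh audit | script.sh update
case "${1:-}" in
    audit)  audit_tree "$WP_PATH" "$WEB_USER" "$WEB_GROUP" ;;
    update) update_site "$WP_PATH" ;;
esac
```

A non-zero exit from the audit after an update means an update step or a permission change left something writable for the web account.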
