Question
i can upload images on wordpress only when i give access to the whole document root
- Posted May 10, 2017
- WordPressLAMP StackLinux CommandsUbuntu 16.04
i can’t upload images in wordpress after updating theme i can upload images on wordpress only when i give access to the whole document root. sudo chown -R www-data /var/www/html with the older theme it works fine. i already had this issue and i fix by
sudo chmod g+w /var/www/html/wp-content sudo chmod -R g+w /var/www/html/wp-content/themes sudo chmod -R g+w /var/www/html/wp-content/plugins sudo chmod -R g+w /var/www/html/wp-content/uploads
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
@abderbij
Generally, when setting up directory structure, everything other than the public directory should be owned by
root– the rest by the user and group that needs read/write access.For example, if you’re using
/var/www/html, then both/varand/var/wwwshould be owned byrootand/var/www/htmlshould be owned bywww-data(in your case).Normally I shy away from using
/varand stick with/homeand create individual directories for each user and site.For example:
In the above,
/homeshould already be owned byroot(by default) and/home/sammyshould as well. Beyond that,/home/sammy/htdocsand down is owned bysammy– all files and directories.All files are
chmod644 and all directories are at maxchmod755 with some limited to 750.You can, of course, further lock down permissions, though you have to be careful.
This is one reason why I use NGINX and PHP-FPM over Apache and
mod_php. Instead of Apache and a single user (in most default configurations), NGINX runs as one user (normallynginx) and separate pool files are setup for each PHP-FPM instance, thus preventing a single user from needing to own all files and directories.All users are basic users with only the permissions they need (which is normally SFTP access at most) and nothing more. They can’t login to shell (via SSH) – only SFTP. The
rootuser owns the base directories and the user:group that PHP-FPM is running as owns the rest (the public-facing directories).i was updating wp just like what is mentioned here : https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lamp-on-ubuntu-16-04
When an update becomes available, log back into your server as your sudo user. Temporarily give the web server process access to the whole document root:
sudo chown -R www-data /var/www/html Now, go back the WordPress administration panel and apply the update.
When you are finished, lock the permissions down again for security:
sudo chown -R sammy /var/www/html This should only be necessary when applying upgrades to WordPress itself.
yes exactly , please let me know how to make uploads dir owned by apache . thanks for your time!
Hi @abderbij
You’re chmod’ing with group rights, but you haven’t set the group with chown.
Run this to set user and group recursively on the web directory: