Question

i can upload images on wordpress only when i give access to the whole document root

i can’t upload images in wordpress after updating theme i can upload images on wordpress only when i give access to the whole document root. sudo chown -R www-data /var/www/html with the older theme it works fine. i already had this issue and i fix by

sudo chmod g+w /var/www/html/wp-content sudo chmod -R g+w /var/www/html/wp-content/themes sudo chmod -R g+w /var/www/html/wp-content/plugins sudo chmod -R g+w /var/www/html/wp-content/uploads

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

@abderbij

Generally, when setting up directory structure, everything other than the public directory should be owned by root – the rest by the user and group that needs read/write access.

For example, if you’re using /var/www/html, then both /var and /var/www should be owned by root and /var/www/html should be owned by www-data (in your case).

Normally I shy away from using /var and stick with /home and create individual directories for each user and site.

For example:

/home/sammy/htdocs/public

In the above, /home should already be owned by root (by default) and /home/sammy should as well. Beyond that, /home/sammy/htdocs and down is owned by sammy – all files and directories.

All files are chmod 644 and all directories are at max chmod 755 with some limited to 750.

You can, of course, further lock down permissions, though you have to be careful.

This is one reason why I use NGINX and PHP-FPM over Apache and mod_php. Instead of Apache and a single user (in most default configurations), NGINX runs as one user (normally nginx) and separate pool files are setup for each PHP-FPM instance, thus preventing a single user from needing to own all files and directories.

All users are basic users with only the permissions they need (which is normally SFTP access at most) and nothing more. They can’t login to shell (via SSH) – only SFTP. The root user owns the base directories and the user:group that PHP-FPM is running as owns the rest (the public-facing directories).

i was updating wp just like what is mentioned here : https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lamp-on-ubuntu-16-04

When an update becomes available, log back into your server as your sudo user. Temporarily give the web server process access to the whole document root:

sudo chown -R www-data /var/www/html Now, go back the WordPress administration panel and apply the update.

When you are finished, lock the permissions down again for security:

sudo chown -R sammy /var/www/html This should only be necessary when applying upgrades to WordPress itself.

yes exactly , please let me know how to make uploads dir owned by apache . thanks for your time!

Hi @abderbij

You’re chmod’ing with group rights, but you haven’t set the group with chown.

Run this to set user and group recursively on the web directory:

sudo chown -R www-data:www-data /var/www/html