Quite some time ago, I was following this tutorial which showed me how to install Wordpress on an NGINX + Ubuntu (LEMP) setup:
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-nginx-on-ubuntu-14-04
I got stuck on this portion for quite some time back then as I used root
as the user for this instruction snippet below:
The group that nginx operates under is www-data. For the user portion, enter your user account name. We will demonstrate with an account called demo here:
sudo chown -R demo:www-data /var/www/html/*
To clarify, it didn’t give me any errors or anything, but what I found out was that if I used root:www-data for my file ownership settings, I wouldn’t be able to add / update plugins / edit code on the site. It would always prompt me for FTP / SFTP details, in which it would fail even if i entered the correct credentials due to the permissions being drwxr-xr-x
(Owner has write permission).
So i tried this:
sudo chown -R www-data:www-data /var/www/html/*
and it worked – I was able to write / update plugins freely as the Wordpress site admin.
However, I now have a roughly better understanding of how ownership and groups work, and I’m concerned that by doing chown -R www-data:www-data
, I opened a security flaw on my own.
Am I doing it right? Why didn’t root:www-data
work for being able to update the site in the first place?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials
I researched the same problem and I found the solution. The trick is to add your user “demo” to the group www-data (since www-data is a group)
add user “demo” to group “www-data” (below replace demo with your username)
set permissions for user group www-data
followed by
Now you can modify files as “demo” via SFTP and your wordpress installation can modify files without requesting credentials