DigitalOcean

Question

Wordpress Update / HTML Root Permissions

I’m having a strange issue, wordpress is installed on CentOS 7, PHP-FPM, NGNIX. All seems to work fine, wordpress works, I can install plugins, and uload images etc… But when i try to update wordpress it peompts for FTP details, as it says files are not writable. In the health check plugin i see, The main WordPress directory Not writable The wp-content directory Writable The uploads directory Writable The plugins directory Writable The themes directory Writable

All Folders have the owner nginx, and all folder / file permsisions are correct. PHP / Nginx runs as the user nginx.

I’m guessing it’s a permission issue somewhere, but i just can’t see it. Even setting all folders to 777 has the same issue.

Has anyone any ideas?

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

mplexoFebruary 19, 2018
Accepted Answer

Turns out it was SELinux causing the issue (See Below)

I simple ran the following two commands which fixed the issue. I’m not sure of the implications of this, so hopefully I’ve not opened up any security holes. But Wordpress now auto update, so I’m happy.

ausearch -c ‘php-fpm’ --raw | audit2allow -M my-phpfpm semodule -i my-phpfpm.pp

Log File

SELinux is preventing /usr/sbin/php-fpm from using the execmem access on a process.

***** Plugin catchall_boolean (89.3 confidence) suggests ******************

If you want to allow httpd to execmem Then you must tell SELinux about this by enabling the ‘httpd_execmem’ boolean.

Do setsebool -P httpd_execmem 1

***** Plugin catchall (11.6 confidence) suggests **************************

If you believe that php-fpm should be allowed execmem access on processes labeled httpd_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: ausearch -c ‘php-fpm’ --raw | audit2allow -M my-phpfpm semodule -i my-phpfpm.pp

Jason PetersFebruary 18, 2018

I have run into this situation on a few occasions. Most likely NGINX, PHP-FPM, and the FS Permissions are not quite correct.

For example NGINX is running under NGINX, Your site is located /var/www owned by root:root, and PHP is running as www-data. Even when you change the FS ownership there is still a conflict.

The solution I have found is to run Wordpress in its own user account.

For example lets say I have a wordpress site example.com. I would create a user example. In the user’s home directory I create my webroot - /home/example/public_html - and install wordpress here.

Then under /etc/php7/fpm/pool.d/ I create a file example.conf with the following settings

[example]
user = example
group = example
listen = /var/run/php7.0-fpm-example.sock
listen.owner = nginx
listen.group = nginx
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
php_admin_flag[allow_url_fopen] = off
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chdir = /

Then you will need to update your NGINX config and the fastcgi_pass directive

...
fastcgi_pass unix:/var/run/php7.0-fpm-example.sock;
...

You can find more information here : https://www.digitalocean.com/community/tutorials/how-to-host-multiple-websites-securely-with-nginx-and-php-fpm-on-ubuntu-14-04 It is for Ubuntu, however the gist of it all will be the same.

mplexoFebruary 19, 2018

Hi,

I’ve tried the above, but it still have the same issue. I decuded to spin up a new server, to do a fresh install on everything, but once again wordpress doesn’t think it can write to the root directory.

I can upload files / plugins through wordpress, so PHP must be working OK. I tried uploading a simple PHP file upload script, which worked so once again PHP and permissions look correct.

Its a really strange one, So if you have any other ideas, that would be great.

Thanks,

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.