[wp-hackers] Installing themes, plugins without FTP credentials
otto at ottodestruct.com
Wed Mar 23 20:26:22 UTC 2011
suPHP or other setuid methods shouldn't really be used except on
shared servers, where multiple users are sharing a single hosting
If you have a private server, you can simply change the owner of the
WordPress directory and files to the user apache runs as and the
direct method will work, although this is really less secure.
Realistically, you should live with putting in your FTP credentials.
If you're wanting to automate this, you can define FTP_HOST, FTP_USER,
and FTP_PASS in the wp-config file to automatically use those. I would
recommend that if you do this, you setup an FTP user specifically for
this case who only has access to the WP directory.
On Wed, Mar 23, 2011 at 2:26 PM, Daniel Bachhuber <d at danielbachhuber.com> wrote:
> A less efficient way of achieving the same effect is to install suPHP on the server. I did that at one point with an older machine if you'd like me to dig up instructions
> On Mar 23, 2011, at 2:33 PM, Scot Hacker <shacker at birdhouse.org> wrote:
>> From all the reading I've done, WP's themes and plugins installers will either:
>> 1) Work without FTP credentials if the directories are writable by the web server process
>> 2) Prompt for FTP credentials
>> On my server, apache runs as nobody. So:
>> chown -R nobody:nobody wp-content/themes
>> chmod g+w wp-content/themes
>> Still prompts for FTP credentials. For testing, I open it up all the way (which I don't like to do):
>> drwxrwxrwx 6 nobody nobody 4096 Mar 21 12:00 themes/
>> but it still doesn't work. Making sure the installer scripts themselves are owned by nobody:
>> # ls -l wp-admin/theme-install.php
>> -rw-r--r-- 1 nobody nobody 3355 Feb 25 13:27 wp-admin/theme-install.php
>> So... why do I still get prompted for FTP credentials? Using WP 3.1.
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers