[wp-trac] [WordPress Trac] #33966: Wordpress file ownership.
WordPress Trac
noreply at wordpress.org
Wed Sep 23 10:07:13 UTC 2015
#33966: Wordpress file ownership.
----------------------------+-----------------------------
Reporter: blakemoore123 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Filesystem API | Version: 4.3.1
Severity: normal | Resolution:
Keywords: | Focuses: administration
----------------------------+-----------------------------
Comment (by blakemoore123):
Hi @dd32 ,
Couldn't, but if a directory has rwx for example the below:
`drwxrwxr-- 1 ftpuser www-data 3.0K Aug 19 03:19 wp-content`
Any user in the 'www-data' group '''will''' have access to write to the
wp-content directory. All you need to do is set either ACLs or set sticky
bits on the directories in questions.
Surely file permissions should be left up to the end client or a hosting
providers' sysadmin (thats me in this case). If there are any errors with
writing to files, just print them!
We have 10,000s of customers who don't want suPHP or php-fpm they just
want mod_php and an ftp user.
If you have 10 WordPress sites on one server all writable by www-data and
one gets hacked... (I understand you promote suPHP, but i don't think
everyone uses it.)
I understand that this wont change, so let's agree to disagree :-)
Please can you point me to some documentation which advises how to setup
WordPress with correct permissions and i can look at sending this out to
my colleagues.
Cheers
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33966#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list