Is it Secure to Grant Apache User Ownership of Directories & Files for Wordpress
Posted
by
Oudin
on Server Fault
See other posts from Server Fault
or by Oudin
Published on 2012-06-26T01:09:45Z
Indexed on
2012/06/26
9:17 UTC
Read the original article
Hit count: 275
I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission
All my directories have permissions of 0755 and files 644
my directories setup is as follows:
/home/user1/public_html
All WP files and directories are in "public_html"
In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories
sudo chown www-data:www-data wp-content -R
sudo chown www-data:www-data wp-includes -R
sudo chown www-data:www-data wp-admin -R
I would like to know security wise how secure this is and if it is not secure what would be the best solution?
That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media
© Server Fault or respective owner