Is it Secure to Grant Apachie User Ownership of Directories & Files for Wordpress
- by Oudin
I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission
All my directories have permissions of 0755 and files 644
my directories setup is as follows:
/home/user1/public_html
All WP files and directories are in "public_html"
In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories
sudo chown www-data:www-data wp-content -R
sudo chown www-data:www-data wp-includes -R
sudo chown www-data:www-data wp-admin -R
I would like to know security wise how secure this is and if it is not secure what would be the best solution?
That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media