My site is on a shared hosting. I've been using FTP and PHP File Manager to upload and delete files. Recently I've found a file I couldn't delete due to permissions, neither in PHPFM nor in FTP. So I've used DirectAdmin (the only option for my plan) to reset all permissions. Then I set all permissions for all files in public_html and subfolders to 777 recursively. I know only that it allows me to do more than any other permission variant.
Now the site is running in a static way, I can open PHP File Manager and it has no permission to upload files. I can upload files in DirectAdmin, however, but that feels unsafe. PHP File Manager reads: 'I/O error'. The directories look like this:
What do 1422 and 1420 mean? What can I do to upload files again? Thank you for the help.
1422 is the user_id the file belongs to and 1420 the group_id it belongs to.
Linux has a permission system, where you can give special permissions to the owner, your group and everyone else.
Permission 777 means everybody can read/write/execute, your group (1420) can read/write/execute and you (user 1422) can read/write/execute the file.
Permissions:
1 is execute file or open directory
2 is write
4 is read
Read/write permission is 2+4=6, read/execute (or open a directory) is 1+4=5
The three numbers represents [owner][group][everybody], so setting a file to 644 means user can read/write and everybody else just read a file.
Edit: The safe thing is to set all files to 644 and directories to 755. Private files should be 600 and executable files 755 (PHP files are NOT executable).
Apache is run as user apache or httpd, which is another user, therefore you must give "everybody" permission to read your PHP files and directories.
Edit2: If you need PHP to upload files, it is really done as user apache/httpd. Therefore you need to give full privileges to "everybody" to open directories and read/write 777. The file permissions should be 666.
Related
I am looking for the correct way to set up permissions on files and directories so that FTP user can update the files while HTTPD process can read/write everything inside wp-content.
Basically, we need to add apache user to USER group and vise-versa then set 664 and 775 on files/dirs and that will work.
The problem is with files being uploaded via FTP gets 644 and ownership by USER while files created by apache will have ownership of apache.
Could be great if someone can help here based on experience and tests and not only on guessing.
Thank you all!
I am looking for the correct way to set up permissions on files and directories so that FTP user can update the files while HTTPD process can read/write everything inside wp-content
all file folders need to be "0755"
all files need to be "0644"
I have a access to the server where many wordpress blogs are hosted. Initially the permission to uploads folder were set to 777(Recursively) but this caused problems to our server and malicious files where uploaded due to which our server is blacklisted.
I have deleted all those PHP files under uploads folder and set the permission to 755.
Now the problem is that the admin users to wordpress blogs/sites unable to upload media files.
Please guide me what I can do so that they can upload files (images or videos).
Can we set something which will ask FTP details when they upload files using wordpress admin. I can create FTP users for this.
Please Guide.
Not sure what type of error you are getting. But you can try this
add this line to
define('UPLOADS', 'wp-content/uploads');
wp-config.php
just before below line
require_once(ABSPATH.’wp-settings.php’);
If the directory doesn’t already exist, WordPress will automatically create it as long as the wp-content folder is writeable.
Hey I just set the Permission to chmod -v 747 uploads and it worked. Atleast better than 777.
But would like to here suggestion if this is risky. If risky then how much. I am new to permissions and server management.
Thanks !
I know this is an old thread but I found it high in the results for an unrelated issue I am having. It seemed by the permission modes being used #vanurag was actually having a user/group permissions issue rather than the permission modes (755 vs 777) issue.
You can find the web server user with var_dump(whoami()) in php, could be something like www-data.
Once know the user name verify that user is either the owner of the folder or is in the group assigned to the folder. You can use the following in Linux console to find current user/group.
ls -l /path/to/wp-content/uploads
Either add the web server user (www-data) as the owner and leave the group as it is or add the user to the group who have permissions.
Use chown (change owner) to set your users to your needs.
I usually add the user to the group rather than change the owner since the owner could be an FTP user and may mess up permissions used else where in your configuration.
usermod -g www-data foobar where foobar is the name of the group who has permissions to the uploads folder.
Here is a decent article on this issue in respect to WordPress uploads folder.
https://www.digitalocean.com/community/questions/proper-permissions-for-web-server-s-directory
I have seen many questions and answers on this topic but none seem to help my situation. My PHP code is successfully creating a new logfile, but then cannot access that file to append further info, close it, etc.
I am migrating an application from local XAMPP onto LAMP: hence problem only showing up now due to Windows/XAMPP giving no permission troubles.
I started with a default Bitnami LAMP stack, and then manually setup relevant directory permissions on server:
- my sftp user has rwx on htdocs and assorted out-of-web-root directories
- apache is running as 'daemon' so I have given read & execute permissions to relevant directories for 'daemon' as group
- in most directories I have disallowed write permissions for 'daemon'
- however for my (application generated, internal) logs I have a 'logfiles' directory which has rwx for both my user and the 'daemon' group
- 'other' is -rwx for all
When I run my application it falls over pretty much immediately. The error logs showing fopen failed to open stream: permission denied. However, the permissions indicate that it should have access.
When I check the file involved it has following permissions:
-rw-r--r-- 1 daemon daemon 962 Oct 3 10:14 20151003logfile03-10-33530.txt
This tells me that the file was created by Apache (i.e. by my PHP script) and that it has read and write permissions, from when I fopen() with "w"
EDIT: adding directory info:
Folder level permissions give my ftps user and daemon (group) full rwx access:
drwxrwx--- 2 ftpuser daemon 4096 Oct 3 10:30 logfiles
BUT it can't then fopen with "a"
I am assuming that this IS a file permission problem because:
a) it works fine on XAMPP
b) it states permission error in the error log
However, I can't see why it should be a problem, given directly-specified OS-level permissions ... maybe Apache requires an .htaccess 'allow' on this directory also?
Any ideas?
Clarification re why I don't think CHMOD is the answer (sorry #RedAcid):
CHMOD 777 etc is simply a way to set the underlying permissions I already have. Each digit represents 3 binary chars, so 7 is 111 (i.e. read, write and execute). As you can see above, I have read/write/execute for PHP/Apache on folder, together with read/write for file. What I've read suggests that you need execute at directory level, but not at file level because its not trying to execute the file.
So what am I missing here? Why else might it be denying permission?
use chmod 666 for the file and proper user group permissions. folder where files are located must be writable with chmod 777
OK - I found out the problem was higher level parent directory not having read/execute permissions. Now working! (AT LAST!)
For more detail see this previous question:
PHP fopen() fails on files even with wide-open permissions
I need to change the permissions and owner / group on a series of files within a folder on an Apache server w/PHP 4. My script will change the info if it is of type .txt (text file). But will not chmod, chown, chgrp for files with an extension of .incl (include) files which are copied into HTML/PHP files via the include or require function.
Can someone help me understand this. The folder is a 0777, the incl files are 0644 with owner glnorg / group users (created by my filezilla login).
I need to change to the following: owner nobody / group nogroup so the user can log in to their website and edit under their login (albeit generic).
Otherwise the editor, when saving, gives a permission warning message (annoying).
You can use chmod 777 *.txt
What it will do is assign full read and write permission to all txt files in the folder for all users and group.
However you can change the permission from 777 as per your need.
I have created a custom CMS with PHP and it uploads files to a directory with 777 permissions on it. When the files are uploaded they are given 600 with apache being the owner, therefore I can't download them through FTP as the main FTP user.
Anybody have any ideas? I have tried changing the permission but don't have rights due to the owner being apache.
You cant chmod the files, but 'apache' can: after uploading an moving the file,change the permissions in the same script. As it is run by apache, it is allowed to do so.
http://php.net/manual/en/function.chmod.php
For uploading files it is important to note that uploading files without explicitly setting permissions after is a bad practice.
I would take the link Nanne provided and begin to add that to your upload script. This will ensure that the files are given the appropriate permissions for each situation you will need them.