The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress uploads permissions

Discussion in 'General Discussion' started by wilfried, Aug 20, 2009.

  1. wilfried

    wilfried Active Member

    Joined:
    Aug 23, 2003
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    I have WP installed on a cPanel server.
    For some reason I can't upload images using WP unless the "uploads" directory is set to "777" which I'd rather not do.

    What could be the cause of this? I'd rather be using 755
     
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    When the PHP is installed as a module, it executes with the same permissions as the main apache instance, which is typically as the nobody user. Hence, you will need to set the upload permission to 777.
     
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    If you can convince your hosting provider to use SuPHP, then 755 permissions will be sufficient for that functionality to work.
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Sounds like the server where you installed WordPress is running PHP as a DSO (Apache Module) which insecurely runs all scripts commonly under the global username "nobody".

    Since your Wordpress application is being run as "nobody" instead of your own login name, you must have GLOBAL readable permissions minimum so to get to the bottom line, yes, you will need 777 for your folder to be uploadable as well as readable. Technically 666 would work too but that poses the very same security issue which you are obvious aware as you said "I'd rather not do"

    I would switch hosts or ask your host about upgrading to SuPHP based PHP which doesn't have these types of security issues.

    In fact, under SuPHP you could go as extremely tight as 400 and the typical norm is 640 for most uses. Folders are typically 750 or 755.
     
Loading...

Share This Page