Recent Posts


« | Main | »

WordPress with a ‘Group’ permission scheme

By Dale Reagan | May 26, 2008

This is probably covered in the WordPress documentation; the closet discussion I could locate is:

Notes: a) this discussion is for Unix/Linux/BSD type systems, b) PHP version is less than 6 (‘safe_mode’ flags will disappear when PHP reaches version 6?), c) you should be able to make these changes using an ftp or SSH connection to your web server.

I can see where dealing with ‘security’ issues (file permissions) would drive a novice nuts. I started out running PHP without ‘safe_mode’ – everything worked well. IMO this is *not* a good way to set up PHP so I decided to give ‘safe_mode’ a try – things became, well, frustrating.

I settled on ‘safe_mode_gid’ as a more reasonable setting: using this approach you can manage your site by changing file ownerships to:

More information follows:

1st Number= file owner, 2nd number = group, 3rd number = ‘the world’

  1. change ownership your_login:apache_user_group FILE_or_Folder
  2. drwxr-xr-x | 755 = RW/R/R or Read-Write-Execute, Read/Execute, Read/Execute
  3. drwxrwxr-x | 775 = RW/RW/R or Read-Write-Execute, Read-Write/Execute, Read/Execute
  4. -rw-rw-r– | 664 =RW/RW/R or Read/Write, Read/Write, Read
  5. -rw-r–r– | 644 = RW/R/R or Read/Write, Read, Read

Comand line examples (if you have shell level access):

  1. chown your_login:apache_user FILE_or_Folder
  2. chmod 755 wordpress
  3. chmod 775 wordpress/wp-content/uploads
  4. chmod 664 sitemap.xml
  5. chmod 644 index.php

Your ISP/web service should be able to assist you with these types of issues.

Sample file listing output on a Linux system using the command: ls -l (numbers in parenthesis explain file/folder permissions)

How do you find out who the Apache_Group is?

echo '<pre>';
// touch a file, generate a long listing, review perms/owner
$result1 = system('touch /tmp/test_file_perms.txt', $retval1);
$result1 = system('ls -ltr /tmp/test_file_perms.txt', $retval1);
$group = system('ls -ltr /tmp/test_file_perms.txt | awk \'{print $3}\'', $retval2);
$result3 = system('rm /tmp/test_file_perms.txt', $retval3);
$w_user = system('ls -ltr | tail -1 | awk \'{print $3}\'', $retval4);
// output results
echo '</pre> ' ;
'<hr /> ' ;
'User: ' . $w_user ;
'<br />' ;
'Group owner should be: ' ;
$group ;
'<hr />' ;

** Note:  phpinfo() should NOT be accessible to generic visitors to your site since it is quite likely some some bad bot/visitor might use the information to compromise your system…

Topics: Site Progress, Web Problem Solving, Wordpress Software | Comments Off on WordPress with a ‘Group’ permission scheme

Comments are closed.

YOUR GeoIP Data | Ip:
Continent: NA | Country Code: US | Country Name: United States
Region: | State/Region Name: | City:
(US only) Area Code: 0 | Postal code/Zip:
Latitude: 38.000000 | Longitude: -97.000000
Note - if using a mobile device your physical location may NOT be accurate...

Georgia-USA.Com - Web Hosting for Business