File/Directory Permissions on CentOS

  • I have been tasked with migrating a site from a hosted site to an in-house server. I have the CentOS 7 server installed. I have Apache, MariaDB, and PHP installed along with WordPress. I copied the files of the live site to /var/www/html and created the database for WordPress. The site itself is working fine. In the WP Admin, I can update all the plugins with no problem. I have full console access to the server.

    Here is two things I am trying to accomplish with no luck.

    (1) – I want to be able to use the one-click update for WP. I am getting the error:
    Downloading update from https://downloads.www.remarpro.com…
    Unpacking the update…
    The update cannot be installed because we will be unable to copy some files. This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php
    Installation Failed

    I know this is mentioned many times on the support sites I have found, but nothing I have tried has fixed this issue.

    (2) – In attempting to fix my problem in (1) above, I know that I have likely left settings so that things are not set with the proper owner and permissions. I am relatively new to Linux and I have not found a step-by-step guide to ensure permissions and ownership are what they need to be. After (1) above is working I want to harden the file/folder permissions to the recommended settings while still maintaining all the functionality of WP and updates. Initially, root was the oner of the /html folder and all subfolders, but now it is apache. I am not sure if this is correct or not.

    Can anyone help me with this?

    Thanks in advance…

Viewing 5 replies - 1 through 5 (of 5 total)

  • One thing to remember when working with permissions is that root should NEVER be the owner of anything public facing. The reason being is that, not even the WP god himself/herself can touch permissions that require the sudo command. Basically, root should only be used to maintain server updates and nothing web based.

    The second thing to keep in mind is that you should really use users and groups at the site level. This means that you can use Apache as the user but you really should run WP as a real user. Just like a FTP user so to speak.

    In order to do this, you should create a new user with apache level rights. Then change the html directory permissions and ownership by using (you have to be using root user for this)

    sudo chown -R username:group html

    Now depending on how the server is setup, this is where things can get tricky. If you are running Fast_CGI then it uses it own user. So this mean PHP will run at a different user level and not have permissions to write in the “html” directory. You MUST add all the different users in a group that can edit the “html” directory.

    If root owns anything and root is not used to edit it, then you will get a permission error. Running as apache is not bad if you are only going to be running one site. If you plan on ever running one site, you really should us users and groups to control your permissions on your server.

    Thread Starter ericcagle

    (@ericcagle)

    Justin, thanks for the reply.
    I initially set up the server with apache as the owner of the /html folder. While troubleshooting problems I changed the owner to root, but it did not fix the problem. I have now changed it back to apache (I do not plan to run another site from this server). So I am assuming that this should be secure enough to run this WP site?

    I have confirmed that I am not running Fast_CGI. Also, I confirmed that PHP is being run as the “apache” user.

    With all that said, I think I am good as far as the site working and functioning under the correct ownership. I am able to update plugins, but I still get the “inconsistent file permissions” message mentioned in my (1) problem. I plan to let someone else manage WP once the server is up and running and I need for this feature to work. That message is what led me to change permissions to begin with. Any idea?

    Thread Starter ericcagle

    (@ericcagle)

    No idea if this is related to the core update problem, but I cannot change my permalinks through WP admin either. I get the message that .htaccess is not writable. I verified the permissions and owner of the file, and it is set wtih apache as the owner and 644 permissions.

    Yea,it defiantly sounds like there is a server permission issue. If you change your .htaccess file to 0777 and it becomes writable, then you can be sure it is a permission issue. If you do change .htaccess to 0777 to test, do not forget to set the permissions back.

    Your permission issues probably lay way deeper and I would start from the ground up and sort the permissions correctly.

    Hi, it seems because CentOS 7 will start SELinux by default.

    You may try this command: sudo setenforce 0

    then upgrade again. It works for me. ??

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘File/Directory Permissions on CentOS’ is closed to new replies.