[HacktionLab] Wordpress file permissions and ownership: command line versus dashboard

Alan Dawson aland at burngreave.net
Wed Apr 2 11:09:57 UTC 2014

On Wed, Apr 02, 2014 at 10:42:28AM +0100, Charlie Harvey wrote:
> On 02/04/14 08:11, Mick - Clearerchannel.org wrote:

> On the *nix permissions you would give group write to www-data and add
> the sftp user to www-data (on a debianlike system -- its www on
> freebsd). Like:

An alternate approach is to use run the webserver as the users whose site is being accessed.

For example 

apache2-mpm-itk http://mpm-itk.sesse.net/

Each user has their own wordpress install and can add whatever plugins and themes they wish
No user can read any others files because of user permissions and the fact the webserver runs as them

Users can break their own installation as much as they like, without affecting any other.

It's easy to script the initial install of wordpress  using http://wp-cli.org/

You might be able to do something similar using suPHPexec

Alan Dawson

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20140402/2b45c3ed/attachment.pgp>

More information about the HacktionLab mailing list