[HacktionLab] Wordpress file permissions and ownership: command line versus dashboard

Mike Harris mike at mbharris.co.uk
Wed Apr 2 12:50:25 UTC 2014

On 01/04/2014 21:43, Marcus Valentine wrote:
> As as far as I am aware, for wordpress core upgrades, installation of
> plugins, themes etc to work through the WP dashboard, all files need
> to be owned by web-server user.
> This is all well and good, but then WP admins also on occasion want to
> add their own self-written themes, plugins via sftp etc.
> Has anyone figured out a permissions scheme that satisfies both
> requirements?
> Thanks
> Marcus
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
Hi Marcus,

We've just resolved this by following the instructions at

This means you end up with something like the following in your
wp-config.php file:

define('FTP_HOST', 'localhost:22');
define('FTP_USER', 'someuser');
define('FTP_PASS', '');

Before it would work we needed to do the following on Debian:

sudo apt-get install libssh2-php

and did an apache restart.

We still needed the wp-content/uploads directory (and poss
wp-content/updates) to be group owned and writable by the web server.

drwxrwxr-x  2 someuser www-data        4096 Apr  2 13:28 upgrade
drwxrwxr-x 15 someuser www-data        4096 Mar 28 16:41 uploads


Mike Harris
w: http://mbharris.co.uk
t: +44 7811 671 893
0: http://mbharris.co.uk/keys/pgp.html

More information about the HacktionLab mailing list