I was dealing with this problem for a while and did not know how to give WordPress permission to write to his folders when updating plugins or themes.
On the other hand this was forcing me to chmod wp-content/uploads folder with 777 permissions. I am not a heavy image uploader, so when I was in need of updating I was just chmod to 777 and then, after uploading my stuff, get back to 755.
I am not a Linux lover, geek, guru (or how they call it) so I had no clue about why this happened on my VPS or how to fix that. But as a respectable “self-directed learner” as I am, I had to dig into the situation.
So this was my task list:
- Make a list of errors and possible relationship between them – others then the obvious permissions issue
- Gather some documentation on this and understand why it is happening in the first place
- See how other solved the errors and how can I apply it to my case.
- Actually solve it on my Linux installation with Parallels Plesk – and not die trying.
This are my issues
- WordPress asks for FTP username and password while it’s uploading/upgrading a plugin, a theme or WP himself.
- The 777 permissions are needed when I upload images (or any other media files) to my uploads directory.
- My mortgage is really expensive. (Later I have found out that this has nothing to do with the Apache permissions problem).
I was unable to upload images nor any other files using the WordPress Media Uploader. Could not upload plugins or themes via the WordPress automatic updater.
You don’t have to be a genius to know that images are uploaded via PHP and PHP is running on apache, so apache does not have permission to upload files. I seems that apache is a service and also a user in Linux. So after all, this it is a simple user permission.
Bottom line: Apache can not write to my WordPress folders
This is why all this happened in the first place
When mod_php is used to execute PHP scripts on a web server it does not have permission to write to the file system if it does not own it. I uploaded files via FTP. So the files were assigned to the ftp user and the Apache user does not have permission to edit them. This is really a common problem when working with a CMS like WordPress.
On the other hand, this also happen if a php process creates a file. This can not be later edited by the FTP user.
I had to set up PHP to run as FastCGI as it allows FTP and PHP scripts equal access, meaning file upload and edit functionality within the CMS works like a charm without any other special file permission configuration.
set up PHP to run as FastCGI
To do this in Plesk you will have to go to your domain Hosting Settings under the Websites & Domains tab.
Under the Web scripting and statistics secction you will se the PHP support option and you will have to change the Run PHP as part to the FastCGI Option.
Here is a complete explanation of all options available here with the pros and con that each one of them has a cording to the official Plesk Documentation and Help Portal. (https://docs.plesk.com/en-US/12.5/administrator-guide/web-hosting/php-management/php-handler-types.75145/)
|Handler type||Performance||Memory usage||Handler details|
|This handler is only available in Plesk for Linux. It is the least secure option as all PHP scripts are executed on behalf of the apache user. This means that all files created by PHP scripts of any plan subscriber have the same owner (apache) and the same permission set. Thus, it is possible for a user to affect the files of another user or some important system files. You can avoid some security issues by turning the PHP safe_mode option on. This disables a number of PHP functions that have potential security risks. This may lead to inoperability of some web apps. The safe_mode option is considered to be obsolete and was removed in PHP 5.4.|
This handler is only available in Plesk for Windows. The ISAPI extension can provide site isolation if a dedicated IIS application pool is switched on for subscriptions. Site isolation means that the sites of different customers run their scripts independently. Thus, an error in one PHP script does not affect the work of other scripts. In addition, PHP scripts run on behalf of a system user associated with a hosting account. The ISAPI extension handler is not supported starting from PHP 5.3
The CGI handler provides PHP script execution on behalf of a system user associated with a hosting account. On Linux, this behavior is possible only when the suEXEC module of the Apache web server is on (default option). In other cases, all PHP scripts are executed on behalf of the apache user. By default, the CGI handler is unavailable to Plesk customers.
The FastCGI handler runs PHP scripts on behalf of a system user associated with a hosting account.
This handler is only available in Plesk for Linux. The PHP-FPM is an advanced version of FastCGI which offers significant benefits for highly loaded web applications.
This may also help. There is a special directive for wordpress for not to ask to FTP credentials. For this you can add the following line to your wp-config.php after define('WP_DEBUG', false); line.
Hope this helped you trow all the process. Please let me know if you think I have omitted something, or how it worked on your specific server configuration.