Is it safe to have Apache as owner of /www/html? (wp)

So, in a nutshell, WordPress requires certain permissions, and this has changed over time, so the online tutorials contradict each other.

I'm on CentOS 6.3 with the latest WordPress.

I ended up doing

chown apache:apache /var/www/html/.htaccess (so it can insert the code for mod_rewrite)

and

chown apache:apache /var/www/html/wp-content/ -R (so it can upload content, pretty useful feature on a CMS :)

All the other permissions are set to what they were prior, i.e. chmod 755 /var/www/html/

Question: is this 'bad' or 'insecure', and if so, why?

I can't for the love of everything that's good figure out a way to make WordPress behave without the above.

Thank you.

3 Replies

In order to upload files via your content management system, the CMS needs write-access to the directory where the files are to be stored. There's no way around that.

Is it secure? It depends on your CMS. If you're running the latest version of WordPress then you're probably OK… until the next WordPress exploit is discovered. If you're not, then a malicious person could use a known exploit to upload their content to your server, or do something else perhaps worse.

Keep your WordPress up-to-date.

To upgrade WordPress, you can use SFTP, so you need to set up a user that can SFTP in and write to all the WordPress files.

The other way was to have all the WordPress files writeable by Apache, but this isn't desirable, so use SFTP.
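
As an added example (not part of any post above), a shell check for the layout the question describes: it lists every path under the docroot that the web-server account could modify, other than `.htaccess` and `wp-content/`. The function name `audit_wp_writable` is hypothetical, and the defaults (`/var/www/html`, `apache:apache`) are taken from the question.

```shell
#!/bin/sh
# Added example, not from the thread. audit_wp_writable is a hypothetical name.
# Defaults (/var/www/html, apache:apache) are taken from the question.

audit_wp_writable() {
    root=${1:-/var/www/html}
    root=${root%/}
    webuser=${2:-apache}     # account name or numeric uid
    webgroup=${3:-apache}    # group name or numeric gid

    # Skip the two locations intentionally handed to the web server, then
    # print every other path it could modify: owned by its account,
    # group-writable by its group, or world-writable. Symlinks are skipped
    # because their mode bits are not meaningful.
    find "$root" \
        \( -path "$root/wp-content" -o -path "$root/.htaccess" \) -prune -o \
        ! -type l \
        \( -user "$webuser" \
           -o \( -group "$webgroup" -perm -0020 \) \
           -o -perm -0002 \) \
        -print
}
```

Called with no arguments it checks `/var/www/html` against `apache:apache`; empty output means the web server can write only to `.htaccess` and `wp-content/`.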
