View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions SFTP Account for Wordpress
Log in to Ask a Question

SFTP Account for Wordpress

development

Wordpress requires an SFTP account for uploading and installing plugins to itself. I understand how to create a SFTP account by creating a server user account, but what sort of steps do I need to go to secure the wordpress account so it can only modify the correct directories (plugins, themes, etc) in the wordpress directory and so the system user can't possibly do anything but upload and manage files in those folders?

3 Replies

No, Wordpress requires the PHP user to have write access to the folder Wordpress is in. If it doesn't have that, you can use the SFTP (or FTP) credentials of the user that owns the Wordpress files. SFTP is through SSH, so look into SFTP jails:https://library.linode.com/security/sftp-jails

Thank you! I was wondering why my installation needed FTP.

I'm a bit of a newb to server management, so is there anything I need to know about giving PHP write access or should I just do something like this?

chmod www-data 755 /srv/www/DOMAIN/public_html/

If PHP runs as www-data 755 should be good,though you should probably use chmod -R to do it recursively. I personally use chmod 710, but this may not work with your set up.

You're gonna want to run chown to change owners by the way, and chmod for the permissions (755)

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct