WordPress permissions for file uploading to a directory or folder

From: gfmorris.org

Dougal Campbell Says:
December 23rd, 2005 at 2:34 pm

Yeah, on all the servers *I* have dealt with, the web server runs as a different user. The exception would probably be web hosts who run PHP as a CGI process, which allows them to run it through suexec. But when PHP is installed as a module, it executes with the same permissions as the main apache instance, which is typically as the ‘nobody’ user (or a similarly unprivileged account).

You don’t *have* to make the wp-content directory writable for everything. Most parts of WP that need to write files under there are looking at particular subdirectory (cache, uploads, etc). Just make those writable, and there are fewer security concerns.

Leave a comment