WordPress.org

Ready to get started?Download WordPress

Forums

Change wordpress user from www-data to my username (5 posts)

  1. GrimPanda
    Member
    Posted 1 year ago #

    Hi,

    WordPress is using the name www-data to write files. I am using the username grimpanda.

    If I change ownership to grimpanda:grimpanda I can FTP my files over without issue, but wordpress cannot write.

    If I change ownership to www-data:www-data wordpress can write, but I cannot FTP.

    grimpanda:www-data (wordpress cannot write, I can)
    www-data:grimapanda (wordpress can write, I cannot)

    So I made a group called 'webmasters'.
    groupadd webmasters

    added www-data and myself to that group
    sudo usermod -a -G webmasters www-data
    sudo usermod -a -G webmasters grimpanda

    Change ownership:
    sudo chown -R www-data:webmasters . (no joy)
    sudo chown -R grimpanda:webmasters . (no joy)

    I would like to be able to FTP from my username, and have wordpress write as well. How do I do this?

    Should I alter:
    export APACHE_RUN_USER=www-data
    export APACHE_RUN_GROUP=www-data

    in my envvars? I am worried about security if I do this?

    EDIT: I changed my /etc/apache2/envvars as mentioned above to my name and now it works if my wordpress is owned by my name and group (grimpanda:grimpanda) and I can of course FTP.

    My question now from a linux guru:

    Is this a safe and best practice?

    Thanks a ton.

  2. Yui
    Member
    Posted 1 year ago #

    you can use suphp or mpm-itk
    alternatively - php-fpm

    Its much safer and less conflicting with anything

    PS: You shouldnt worry running your stuff in a 'shared' env if you run only your stuff without others accessing your vps/server

  3. millertchris
    Member
    Posted 9 months ago #

    @GrimPanda you could not have summed this up better. This is exactly what i've been working on today and I was wondering if you found your answer regarding security risk & ect.

    I'd rather not use www-data:www-data as the user / owner of my directories. Though about altering the enviers file as well.

    Please let me know what your outcome was.

  4. GrimPanda
    Member
    Posted 9 months ago #

    @millertchris

    It's been a while since I did this, but what follows the EDIT: in my OP did indeed fix the problem if I recall correctly. Editing that file allowed apache to run as my username.

    Hope that helps!

  5. millertchris
    Member
    Posted 9 months ago #

    Sweet, thanks for the reply. I've been researching this and wanted to make sure that this was the most secure way of doing it.

    The only problem i've noticed is that if that user was compromised, the hack could compromise the entire server. The www-data user does not have access to any other location other than the var/www/ directory, which is more secure.

    I supposed you could always restrict access.

Topic Closed

This topic has been closed to new replies.

About this Topic