• I’m getting this under my site health:

    The main WordPress directoryNot writable
    The wp-content directoryNot writable
    The uploads directoryNot writable
    The plugins directoryNot writable
    The themes directoryNot writable
    The must use plugins directoryNot writable

    None of my plugins or themes can update. All my folders permissions levels are correct. I’m running php 7.4. My wordpress is 6.0.1 because I can’t upgrade due to directory not writable. What would do this?

Viewing 12 replies - 1 through 12 (of 12 total)
  • Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Specifically, what are the directory permission set at?

    Directories need to be at least 755, however depending on server configuration, that sometimes needs to be 775: https://wordpress.org/documentation/article/changing-file-permissions/

    Thread Starter googleman23

    (@googleman23)

    Yes, that’s the weird thing. I took over as admin for this website and the previous did something where we get those errors. All folders have the same permissions.

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Specifically, what are the directory permissions set at?

    Thread Starter googleman23

    (@googleman23)

    Folders are 755, files 644.

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Huh, yeah that should be just fine.

    What are the contents of your .htaccess file?

    To check this, access your server via SFTP or FTP or a file manager in your hosting account’s control panel, find the .htaccess file, and edit the file with a plain text editor.

    If you can’t find a .htaccess file, ensure that you have set your SFTP or FTP client to view invisible files.

    Thread Starter googleman23

    (@googleman23)

    <ifModule mod_headers.c>
    Header always set Content-Security-Policy "upgrade-insecure-requests;"
    </IfModule>
     
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    </IfModule>
    # BEGIN WP Rocket v3.11.3
    # Use UTF-8 encoding for anything served text/plain or text/html
    AddDefaultCharset UTF-8
    # Force UTF-8 for a number of file formats
    <IfModule mod_mime.c>
    AddCharset UTF-8 .atom .css .js .json .rss .vtt .xml
    </IfModule>
    
    # FileETag None is not enough for every server.
    <IfModule mod_headers.c>
    Header unset ETag
    </IfModule>
    
    # Since we’re sending far-future expires, we don’t need ETags for static content.
    # developer.yahoo.com/performance/rules.html#etags
    FileETag None
    
    <IfModule mod_alias.c>
    <FilesMatch "\.(html|htm|rtf|rtx|txt|xsd|xsl|xml)$">
    <IfModule mod_headers.c>
    Header set X-Powered-By "WP Rocket/3.11.3"
    Header unset Pragma
    Header append Cache-Control "public"
    Header unset Last-Modified
    </IfModule>
    </FilesMatch>
    
    <FilesMatch "\.(css|htc|js|asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$">
    <IfModule mod_headers.c>
    Header unset Pragma
    Header append Cache-Control "public"
    </IfModule>
    </FilesMatch>
    </IfModule>
    
    <IfModule mod_mime.c>
    	AddType image/avif                                  avif
        AddType image/avif-sequence                         avifs
    </IfModule>
    # Expires headers (for better cache control)
    <IfModule mod_expires.c>
    	ExpiresActive on
    	ExpiresDefault                              "access plus 1 month"
    	# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
    	ExpiresByType text/cache-manifest           "access plus 0 seconds"
    	# Your document html
    	ExpiresByType text/html                     "access plus 0 seconds"
    	# Data
    	ExpiresByType text/xml                      "access plus 0 seconds"
    	ExpiresByType application/xml               "access plus 0 seconds"
    	ExpiresByType application/json              "access plus 0 seconds"
    	# Feed
    	ExpiresByType application/rss+xml           "access plus 1 hour"
    	ExpiresByType application/atom+xml          "access plus 1 hour"
    	# Favicon (cannot be renamed)
    	ExpiresByType image/x-icon                  "access plus 1 week"
    	# Media: images, video, audio
    	ExpiresByType image/gif                     "access plus 4 months"
    	ExpiresByType image/png                     "access plus 4 months"
    	ExpiresByType image/jpeg                    "access plus 4 months"
    	ExpiresByType image/webp                    "access plus 4 months"
    	ExpiresByType video/ogg                     "access plus 4 months"
    	ExpiresByType audio/ogg                     "access plus 4 months"
    	ExpiresByType video/mp4                     "access plus 4 months"
    	ExpiresByType video/webm                    "access plus 4 months"
    	ExpiresByType image/avif                    "access plus 4 months"
    	ExpiresByType image/avif-sequence           "access plus 4 months"
    	# HTC files  (css3pie)
    	ExpiresByType text/x-component              "access plus 1 month"
    	# Webfonts
    	ExpiresByType font/ttf                      "access plus 4 months"
    	ExpiresByType font/otf                      "access plus 4 months"
    	ExpiresByType font/woff                     "access plus 4 months"
    	ExpiresByType font/woff2                    "access plus 4 months"
    	ExpiresByType image/svg+xml                 "access plus 4 months"
    	ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    	# CSS and JavaScript
    	ExpiresByType text/css                      "access plus 1 year"
    	ExpiresByType application/javascript        "access plus 1 year"
    </IfModule>
    # Gzip compression
    <IfModule mod_deflate.c>
    # Active compression
    SetOutputFilter DEFLATE
    # Force deflate for mangled headers
    <IfModule mod_setenvif.c>
    <IfModule mod_headers.c>
    SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
    RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
    # Don’t compress images and other uncompressible content
    SetEnvIfNoCase Request_URI \
    \.(?:gif|jpe?g|png|rar|zip|exe|flv|mov|wma|mp3|avi|swf|mp?g|mp4|webm|webp|pdf)$ no-gzip dont-vary
    </IfModule>
    </IfModule>
    
    # Compress all output labeled with one of the following MIME-types
    <IfModule mod_filter.c>
    AddOutputFilterByType DEFLATE application/atom+xml \
    		                          application/javascript \
    		                          application/json \
    		                          application/rss+xml \
    		                          application/vnd.ms-fontobject \
    		                          application/x-font-ttf \
    		                          application/xhtml+xml \
    		                          application/xml \
    		                          font/opentype \
    		                          image/svg+xml \
    		                          image/x-icon \
    		                          text/css \
    		                          text/html \
    		                          text/plain \
    		                          text/x-component \
    		                          text/xml
    </IfModule>
    <IfModule mod_headers.c>
    Header append Vary: Accept-Encoding
    </IfModule>
    </IfModule>
    
    # END WP Rocket
    
    #<FilesMatch ".*">
    #    Require ip 192.88.134.0/23
    #    Require ip 185.93.228.0/22
    #    Require ip 2a02:fe80::/29
    #    Require ip 66.248.200.0/22
    #    Require ip 208.109.0.0/22
    #</FilesMatch>
    
    # Really Simple SSL
    Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Expect-CT "max-age=7776000, enforce"
    Header always set Referrer-Policy: "no-referrer-when-downgrade"
    Header always set Content-Security-Policy "upgrade-insecure-requests;"
    # End Really Simple SSL
    # Options +ExecCGI AddHandler fcgid-script .html FCGIWrapper /usr/local/cpanel/cgi-sys/php5 .html
    # BEGIN WordPress
    # The directives (lines) between "BEGIN WordPress" and "END WordPress" are
    # dynamically generated, and should only be modified via WordPress filters.
    # Any changes to the directives between these markers will be overwritten.
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # BEGIN MemberPress Rules
    <IfModule mod_rewrite.c>
    
    RewriteCond %{HTTP_COOKIE} mplk=([a-zA-Z0-9]+)
    RewriteCond /home/*******/public_html/wp-content/uploads/mepr/rules/%1 -f
    RewriteRule ^(.*)$ - [L]
    
    RewriteCond %{REQUEST_URI} !^/(wp-admin|wp-includes|wp-content/plugins|wp-content/themes)
    RewriteCond %{REQUEST_URI} \.(zip|gz|tar|rar|doc|docx|xls|xlsx|xlsm|pdf|mp4|m4v|mp3|ts|key|m3u8|ZIP|GZ|TAR|RAR|DOC|DOCX|XLS|XLSX|XLSM|PDF|MP4|M4V|MP3|TS|KEY|M3U8)$
    RewriteRule . /wp-content/plugins/memberpress/lock.php [L]
    
    </IfModule>
    # END MemberPress Rules
    
    # END WordPress
    # BEGIN WP-HUMMINGBIRD-GZIP
    # END WP-HUMMINGBIRD-GZIP
    # BEGIN cPanel-generated php ini directives, do not edit
    # Manual editing of this file may result in unexpected behavior.
    # To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
    # For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
    <IfModule php7_module>
       php_flag display_errors On
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 1000M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php70"
       php_value upload_max_filesize 128M
       php_flag zlib.output_compression Off
    </IfModule>
    <IfModule lsapi_module>
       php_flag display_errors On
       php_value max_execution_time 30
       php_value max_input_time 60
       php_value max_input_vars 1000
       php_value memory_limit 1000M
       php_value post_max_size 8M
       php_value session.gc_maxlifetime 1440
       php_value session.save_path "/var/cpanel/php/sessions/ea-php70"
       php_value upload_max_filesize 128M
       php_flag zlib.output_compression Off
    </IfModule>
    # END cPanel-generated php ini directives, do not edit
    
    # php -- BEGIN cPanel-generated handler, do not edit
    # Set the “ea-php74” package as the default “PHP” programming language.
    <IfModule mime_module>
      AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
    </IfModule>
    # php -- END cPanel-generated handler, do not edit
    
    Thread Starter googleman23

    (@googleman23)

    I just took over admin for this website, but this .htaccess has so much stuff, but maybe you will catch something that is disabling the connection.

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    What happens if you remove this section?

    #<FilesMatch ".*">
    #    Require ip 192.88.134.0/23
    #    Require ip 185.93.228.0/22
    #    Require ip 2a02:fe80::/29
    #    Require ip 66.248.200.0/22
    #    Require ip 208.109.0.0/22
    #</FilesMatch>
    Thread Starter googleman23

    (@googleman23)

    Nothing will happen because there is a # in front of the text so it’s disabled.

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Hm, fair point! Might as well remove those then. 😉

    Are you using WP Rocket?

    Thread Starter googleman23

    (@googleman23)

    Yes

    Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Ok, best not to mess with that then.

    Try downloading WordPress again, access your server via SFTP or FTP, or a file manager in your hosting account’s control panel (consult your hosting provider’s documentation for specifics on these), and delete then replace your copies of everything on the server except the wp-config.php file and the /wp-content/ directory with fresh copies from the download. This will effectively replace all of your core files without damaging your content and settings.

    If you’d like to manually make a backup of your site first, please follow the steps at https://wordpress.org/support/article/wordpress-backups/

    Some uploaders tend to be unreliable when overwriting files, so don’t forget to delete the original files before replacing them.

    This will also have the benefit of updating the site, and it might either resolve or at least help point more towards the cause.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘my folder permissions are perfect, but my wordpress still can’t write’ is closed to new replies.