New to WordPress, so please forgive me if my question is to easy.
Been sitting and messing with updating a WordPress testinstallation. I constantly got prompted to supply FTP-login for the updates. The WP-box is not running FTP, and there are no purpose for it to run it, so I would rather not enable it.
I googled the net and found many with similar problems, and I was around messing with editing WP config php-files... and I ended up giving 777 access to everything. Even that did not solve it.
The, I actually read the documentation on this side (yes, I know... it is always a good thing to do), and it seems that the problem was, that the apache user was not the owner of the file. 777 is simply not enough.
Which leads me to: Where can you find an official document describing which permissions are an absolute minimum for a WP installation to work? I would like to know before I put the site public. Any other security enhancement documents and best practices would be nice to know.