Hi there. I will apologize for what probably is a fairly basic question, but I did want to ask because the last time I messed about with permissions I managed to bring my blog to a crashing halt.
In any event, all I want to do is to use FTP to update the contents of my WordPress install - e.g. upload all plugins from my old host to my new host. With my old host, it was pretty simple - I just fired up my FTP, logged in, and messed about. I can't do this with my new host (a VPS) as I'm getting permission errors.
I used an automated script to install wp. Apparently it's one others have used with success. Everything seems to work other than FTP.
Everything under the WP install is owned by user:group www-data:www-data. Virtually all permissions on directories is 755 and on files it's 644. Excepts are wp-config, which is 640.
I'm accessing as a user created by the script which otherwise works fine for SSH access - it can sudo when I need to. I don't use root and have it disabled. It looks like a plain user account - I'll just call it "user".
In any event, my question is this: Obviously, I can't do anything when I FTP in as user since I don't have the right permissions. What are best practices here to maintain reasonable security but allow me to update using FTP? For example, should I just FTP in as "www-data"? If so, how would I get the password? I assume resetting it would cause issues (since presumably the server uses it). Or should I change group permissions to allow writes, and add user to the www-data? Or should I temporarily change permissions through shell access to 777, make the necessary adjustments and then change back (which seems to be a bit of a pain).
Any thoughts you might have would be most appreciated.