Wordpress permissions

Discussion about BCA's Internet Hosting Service
David Cooke
Site Admin
Posts: 299
Joined: Thu 29 Dec 2005 23:22
Location: Axbridge, Somerset, UK

Wordpress permissions

Post by David Cooke » Wed 31 Oct 2012 18:23

Chris wrote:One question I have is about user access to the server (http://www.thecccc.org.uk). I installed wordpress so that people can update reports about trips. I wanted the wordpress application itself to be able to write to some folders, but not everyone on the internet. I'm not quite sure how to achieve that. Ie, not sure what users I have or what the permissions are. I had made one of the folders nested in the directory structure fully writable, but I doubt that's really a good idea...
Dave Cooke
BCA IT Working Party, BCA Web Services, National Cave Registry Co-ordinator, CSCC Webmaster

David Cooke
Site Admin
Posts: 299
Joined: Thu 29 Dec 2005 23:22
Location: Axbridge, Somerset, UK

Re: Wordpress permissions

Post by David Cooke » Wed 31 Oct 2012 18:36

Hi Chris,

I'm not really sure what you are trying to do but the following might help.

Using Linux directory permissions is the wrong way to go.

You will need anyone who needs more than public viewing access to login in. Research creating user logins and giving those users "roles".

On the Wessex site I found that Wordpress roles wasn't giving me enough control over permissions. I installed the "User Access Manager" plug-in by Alexander Schneider to get it how I wanted.
Dave Cooke
BCA IT Working Party, BCA Web Services, National Cave Registry Co-ordinator, CSCC Webmaster

cdonica
Posts: 5
Joined: Tue 21 Dec 2010 15:25

Re: Wordpress permissions

Post by cdonica » Thu 08 Nov 2012 13:08

Hi Cookie,

There's a couple different layers interacting here, perhaps I can describe better:

Take some wordpress Roles: Subscriber and Admin:
  • When Subscribe tries to upload an image, Wordpress PHP functions query the role and decide this is not allowed.
  • When Admin tries to upload an image, Wordpress PHP functions query the role and decide this is in fact allowed.
After wordpress decides that Admin can in fact upload an image, what I am running into is permission denied to write. This is from the wordpress scripts, not a wordpress rejection because of Role privileges. I was able to solve this by making the directory universally (user, group, all) writable, but I don't imagine that's really a good idea. I assume wordpress scripts run under some specific user name or group that I could give permission to, rather than having to use all?

David Cooke
Site Admin
Posts: 299
Joined: Thu 29 Dec 2005 23:22
Location: Axbridge, Somerset, UK

Re: Wordpress permissions

Post by David Cooke » Thu 08 Nov 2012 14:19

Hi Chris,

your solution is the correct one.

The scripts run as the user 'nobody' (not my choice). Therefore the directory will need to be give write permission to 'all' since 'nobody' is neither you nor in your group.

You are right to be mildly concerned and in an ideal world the script should run as you (ie 'cccc'. However there is no need to worry too much. For comparison, if you were on a windows server you would have no choice since directories have to be read and writeable by all.
Dave Cooke
BCA IT Working Party, BCA Web Services, National Cave Registry Co-ordinator, CSCC Webmaster

Post Reply