wordpress minimum permissions required to install plugins directly | ww.wp.xz.cn

maloo
(@maloo)

9 years, 11 months ago

Hi,

I’m wondering what the absolute minimum permissions are to allow wordpress to install/delete/update plugins and themes directly.

Reading Hardening_WordPress it would appear that the only directory that should be writable by the webserver (apache in my case) should be wp-content, which makes sense to me…

However I only appear to be able to install/dete a plugin if the apache user also has write access to wp-admin (which seems like a bit of a security risk…)

What is wordpress trying to write to in the wp-admin directory when installing plugins directly (not via ftp/ssh etc)?
And Why?

Or should this actually work without the apache user having write access to the wp-admin directory??

Thanks!

Paul

The topic ‘wordpress minimum permissions required to install plugins directly’ is closed to new replies.

Tags

In: Fixing WordPress
0 replies
1 participant
Last reply from: maloo
Last activity: 9 years, 11 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics