Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Fix wordpress file permissions
#!/bin/bash
#
# This script configures WordPress file permissions based on recommendations
# from http://codex.wordpress.org/Hardening_WordPress#File_permissions
#
# Author: Michael Conigliaro <mike [at] conigliaro [dot] org>
#
WP_OWNER=www-data # <-- wordpress owner
WP_GROUP=www-data # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=www-data # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
@antoine-briand
Copy link

antoine-briand commented Oct 21, 2019

Kudos for this script ! 🥇

@ic0dews
Copy link

ic0dews commented Nov 1, 2019

Voila this script helped save my wordpress instances.

@midhunvnadh
Copy link

midhunvnadh commented Nov 9, 2019

We have a fix for this.
if you are using a LAMP server, you need to add yourself to the group www-data.
Or try adding root to www-data.
One of these must work.
See this post : https://www.techify.club/2019/11/09/fix-linux-lamp-server-permission-issues-ultimate-fix-2020/

@bc24
Copy link

bc24 commented Dec 23, 2019

thank you very much

@larsonreever
Copy link

larsonreever commented Jan 2, 2020

I have been scratching my head since days and finally it worked like a charm for me too. Thanks to this post, which explains various aspects of the issue in a well defined manner. I think you should have a look at this post - How to Fix WordPress File and Folder Permissions Error?. Thanks!

@ZerooCool
Copy link

ZerooCool commented Jan 9, 2020

WP_ROOT=$1 # <-- wordpress root directory

$1 need to be replace with the path to wordpress root directory, or, is it obtained otherwise?

@obj
Copy link

obj commented Jan 10, 2020

WP_ROOT=$1 # <-- wordpress root directory

$1 need to be replace with the path to wordpress root directory, or, is it obtained otherwise?

Just use it like "fix-wordpress-permissions.sh /var/www/your-wordpress-folder"

@antoine-briand
Copy link

antoine-briand commented Jan 10, 2020

@ZeroCool In bash, $1 is the first command line argument given to your program (see : https://stackoverflow.com/questions/29258603/what-do-0-1-2-mean-in-shell-script). As said by https://gist.github.com/Adirael/3383404#gistcomment-3133780, if you want the script to point to your wordpress folder, you have to call it with, as first argument, a string that contains the path to your wordpress folder.

@ZerooCool
Copy link

ZerooCool commented Jan 13, 2020

Oh ! Ok.
Then i can make the same in my script.
https://gist.github.com/ZerooCool/4a22e96a52c4268b68679e4269e66f73

But, i use read, and not $1.

@aveeshkumar
Copy link

aveeshkumar commented Feb 13, 2020

OMG - thanks so much - a few echo 's would have been icing on the cake - maybe i will fork it :-) thank you

@parkisutama
Copy link

parkisutama commented Feb 27, 2020

I'm using centos/cpanel/litespeed and I have the following error:
chown: invalid user: www-data:www-data
chgrp: invalid group: www-data

how should I fix it ?

@msesxi
I use VPS with Openlitespeed 1.6.8 try change group with nogroup and user with nobody
should be like this :
WP_OWNER=nobody # <-- wordpress owner (if you use shared host, but if use VPS like me try your user and group instead)
WP_GROUP=nogroup # <-- wordpress group
WP_ROOT=$1 # <-- wordpress root directory
WS_GROUP=nogroup # <-- webserver group

@rubo77
Copy link

rubo77 commented Apr 6, 2020

Great improvements in these forks:

I added those and anhanced it in a Github repository here:

especially those is an enhancement:

PS4="# "; set -x
: ::: Change owner and group. Put this line in a cronjob if you plan to both upload by Wordpress, which is usually the user www-data, and autodeploy by WP_OWNER regularly:
find ${WP_ROOT} -not '(' -user  ${WP_OWNER} -a -group ${WP_GROUP} ')' -exec chown $VERBOSE ${WP_OWNER}:${WP_GROUP} {} \;

: ::: Resetting permissions to safe defaults
find ${WP_ROOT} -type d -not -perm 755 -exec chmod 755 {} \;
find ${WP_ROOT} -type f -not -perm 644 -exec chmod 644 {} \;

: ::: Allowing wordpress to manage wp-config.php, but prevent world access
chgrp ${WWW_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php

: ::: Allowing wordpress to manage wp-content
find ${WP_ROOT}/wp-content -not -group ${WWW_GROUP} -exec chgrp $VERBOSE ${WWW_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -not -perm 775 -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -not -perm 664 -exec chmod 664 {} \;

@ZerooCool
Copy link

ZerooCool commented Apr 10, 2020

Now I use the passage of the site by parameter.
I revised my script which seems to work perfectly for CHMOD.
I still encounter a problem for chown, when I am in production, however, the chown work good when I am in local.
I'll check that out, and read your examples again.

If anyone wishes to test my script, I would like to have your opinion.
I am looking to use a more dynamic script, which will give the administrator more choice.
This script will modify CHOWN and CHMOD, depending on whether one is in development or in production.
This script also allows to configure the following files in a specific way (index.html index.htm index.php, configuration.php, wp-config.php, LocalSettings.php)

https://github.com/ZerooCool/fix-apache-permissions.sh

@ingageco
Copy link

ingageco commented Jul 3, 2020

Thank you!

@M-Faizan480
Copy link

M-Faizan480 commented Jul 16, 2020

Anyone guide me where I paste that query to solve my problem.......?Or tell me how I put my .sh file to fix that bug.Thanks.Waiting for reply.

@M-Faizan480
Copy link

M-Faizan480 commented Jul 16, 2020

image

tell me here i upload the file...????

@JonnyTech
Copy link

JonnyTech commented Jul 16, 2020

@M-Faizan480 it is a script not a web query. You need shell / ssh access to your server. Login to the Linux terminal of your host then execute the file.

@ciberjohn
Copy link

ciberjohn commented Jul 24, 2020

Many thanks for this. It works like a charm.

@prasannjeet
Copy link

prasannjeet commented Sep 27, 2020

It's 2020. Still works like a charm! Thank you 👍

@jjxtra
Copy link

jjxtra commented Oct 8, 2020

Isn't putting everything to www-data going to be insecure?

@ZerooCool
Copy link

ZerooCool commented Oct 9, 2020

www-data is for developpement.
root or other is for production

If you use root, a file can't be modified by apache
For exemple, if you use a CMS ( WP / Joomla ... ) and if all your file is for root, a CMS update can't change the existing files.
Then, your CMS is a little more protected. Only root can change the good right. Use www-data:www-data for apply a CMS update and protect all file with root:root or root:www-data ( need read more information for that. )

@zohairmohamed
Copy link

zohairmohamed commented Nov 3, 2020

still I am getting the errors although I did what you have suggested . I am using architect theme
this is the message :
Fatal error: Uncaught Error: Call to undefined function ctype_xdigit()
in /hermes/bosnacweb05/bosnacweb05ab/b1567/ipg.zohair9856655/mysite.com/wordpress/wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-colors.php on line 205

Call stack:

Redux_Colors::sanitize_hex()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-colors.php:276
Redux_Colors::sanitize_color()
wp-content/plugins/redux-framework/redux-core/inc/validation/color/class-redux-validation-color.php:42
Redux_Validation_Color::validate()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-validate.php:39
Redux_Validate::__construct()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-validation.php:197
Redux_Validation::validate()
wp-content/plugins/redux-framework/redux-core/inc/classes/class-redux-options-constructor.php:907
Redux_Options_Constructor::validate_options()
wp-includes/class-wp-hook.php:289
WP_Hook::apply_filters()
wp-includes/plugin.php:206
apply_filters()
wp-includes/formatting.php:4899
sanitize_option()
wp-includes/option.php:368
update_option()
wp-admin/options.php:314

@ddiazepam
Copy link

ddiazepam commented Feb 8, 2021

thanks

@Heidyvangeffen
Copy link

Heidyvangeffen commented Feb 16, 2021

Hi all,
I am a complete nitwit here. Can someone explain to me step by step from the beginning what I have to do correct the error with cropping photo's? Thanks in advance.

@prasannjeet
Copy link

prasannjeet commented Feb 16, 2021

@Heidyvangeffen

I'm not really sure if you are at the right place to find a solution for correcting the error with cropping photos!!
This is a shell file to fix the permissions of files used in Wordpress.

@Lysak
Copy link

Lysak commented Mar 1, 2021

like magic

@juanpgarciac
Copy link

juanpgarciac commented Mar 16, 2021

If you are having "No such file or directory" problems and you use windows to upload the file a quick fix is changing the format to unix again:

#vim fix_permision.sh
:set fileformat=unix
:wq

#sh fix_permision.sh

@Morsine
Copy link

Morsine commented Aug 7, 2021

Thank you!! This worked, while everything else on internet failed.

@DevAly
Copy link

DevAly commented May 3, 2022

Thanks, it works very well

@rubo77
Copy link

rubo77 commented May 4, 2022

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment