wp_query

While we are exploring the possibilities of switching to FCGI, as an interim arrangment, I’ve gone ahead and done this in our server.

Up until /wp/wp-content/uploads/2015/ – the permissions remain WP default – 755, with user:group being cpanel user.
But for the monthly folders within, like /10, /11, /12 etc. we have set 774 with “cpanel-user:nobody” to enable uploads by PHP/Apache as ‘nobody’ user.

Now. when we do uploads via media during Jan, we are going to have issues with upload when ‘2016’ folder as well as ’01’ monthly folder gets created with default permissions and ownership.

Is there a way I can mention in the wp-config.php (or) else where that the monthly folders should over-ride default permissions and get created with “774” permissions and “nobody” group?

Thank you for your responses, Clayton & Digico.

Will explore the possibilities of switching to FCGI and get back if any questions we may have.

Thank you for all the help.

@claytonjames,

Whoever is helping you manage your server should be able to quickly spot what changes are necessary if you decide to continue using PHP as an apache module.

I am asking again the question I had for you earlier w.r.t. to using PHP as an apache module.

Would you recommend switching to FCGI handler instead of DSO handler?

My host tells me FCGI handler will allow apache to run as a cPanel user (unlike DSO that runs apache as a nobody user).

@clayton James

I found out answers to some of the questions you pointed out previously.

1. DSO is running Apache as “nobody” user. But since /wp-content/uploads/ is owned by cPanel user, it isn’t possible to update with 755/775 permissions. Requires 777 permission.

2. My host is recommending to change to FCGI handler, which they say will allow Apache to run as cPanel user. But I’m hesitant to change handler since not sure what kind of compatibility issues will start throwing up. What would you recommend?

3. We have a similar environment that we use as dev environment set up using another cPanel account. I tried comparing the Folder/File permissions and ownership of WP folders there Vs. in our live environment.
We have “cPanel-user:nobody” as the ownership for all WP folders, subfolders and files. The permissions are 774 for all the folders and 664 for all the files. There we are able to upload files because of the “nobody” group.
Is 774 permission with “nobody” group better than having 777 permission?
May be I should do the similar permission and group in our live environment?

Thank you for your time and response.

@clayton, thank you again for your response.

I compared /wp-content and /wp-content/uploads directories for the ownership settings. Both are owned by cpanel user account only. The folder permissions are also 755.
Only for the current uploads since (october, post WP version upgrade), the permissions for the monthly folders within /wp-content/uploads/2015 has been changed to 777 and hence the ownership ‘nobody’.

Re: what user the webserver is running as, I am trying to find out from my host. If that is going to be different (apache, www-data,etc.) not as cpanel user like you pointed out, then I guess we have cracked the issue ??

But my point is, we have always been using DSO, hence PHP should have been running as apache module right from day 1. Apache/Webserver user could not have changed recently. So I am failing to understand how it turns out to be an issue since the last couple of months since doing an upgrade?

Before october (ie. upgrade), we had the monthly folders within /wp-content/uploads/2015 with 755 permissions only and we were able to upload files from the media.

Thank you @clayton.

Are you in a shared hosting environment?
No, we have a dedicated server and have root access.

None of the files inside wordpress and its sub folders are owned by root. Looks like there is no ownership issues. In spite of that, when we try uploading through media, the folder permission is expected to be 777. Even having the permission as 775 does not let us do make any uploads.

Thank you @clayton and @digico. Your responses cleared a lot of our doubts.

We spoke to our host. They clarified that they tried to create a cpanel account but then went ahead and upgraded the wordpress manually as root. We are also using the PHP handler DSO. Do you have any idea of DSO not being able to handle the default folder and file permissions in the wordpress 4.3.1?

Thank you.

Thank you James. That was useful. We will ask our developers to check too.

Hi James,

It is a custom theme that we designed for our site. We have this email option for unregistered users only in the posts.

Thank you James. The email option is a part of our theme. Do you have any suggestions on how to strengthen this feature to avoid spams?