LEMP + wordpress文件权限,以便能够编辑,升级和使用sftp客户端 [英] LEMP + wordpress file permissions to be able to edit, upgrade and use sftp client
问题描述
我正在尝试在运行nginx的debian网络服务器上管理文件权限,以便wordpress可以编辑,上传和升级,而不必使用ftp.我还希望能够使用sftp和我的用户帐户登录.
I am trying to manage file permissions on a debian webserver that runs nginx, so that wordpress can edit, upload and upgrade without having to use ftp. I also want to be able to login using sftp with my user account.
我知道之前曾有人问过这个问题,请参阅此处,但请按照这些答案中的步骤进行操作一直不满意.当前的设置如下:
I am aware of the fact that this question has been asked before, see here or here, but following the steps in those answers hasn't been satisfying. The setup currently looks as follows:
-
wordpress文件夹位于
/var/www/html/
我创建了一个新用户("user")和一个组("group").服务器用户是 "www-data".
I made a new user ("user") and group ("group"). The server user is "www-data".
wordpress文件夹中的所有文件均归user:group所有.
All files in the wordpress folder are owned by user:group.
用户"和"www-data"都设置为属于组".
Both "user" and "www-data" are set to belong to "group".
我更改了文件和文件夹权限,如下所示:
I changed file and folder permissions as follows:
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
我将默认umask设置为0002.
I set the default umask to 0002.
我以为这应该可行,但是目前我可以在wordpress中编辑和上传文件,但不能更新wordpress,功能或主题.
I would have thought this should work, but currently I can edit and upload files from within wordpress, but not update wordpress, functions or themes.
- 它也不适用于将组"设置为用户"和/或"www-data"的默认组(通过编辑
/etc/passwd).
或者,我在user:www-data拥有的/var/www/html/中制作了所有文件,但是也没有成功.
Alternatively, I made all files in /var/www/html/ owned by user:www-data, but also without success.
我似乎不需要ftp就能更新wordpress的唯一方法是使wordpress-folder及其所有文件都归"www-data"所有.不幸的是,结果是我无法使用sftp-client上传文件(因为目标现在是一个不属于用户"的文件夹).
The only way I seem to get wordpress to update without ftp is by making the wordpress-folder and all its files owned by "www-data". Unfortunately, the result of that is that I cannot upload files using an sftp-client (because the target is now a folder that is not owned by "user").
怎么可能?据我了解,这些步骤应该赋予wordpress适当的权限,但还是有问题.
How can this be? As far as I understand these steps should give wordpress the proper permissions, but something still is wrong.
非常感谢您的帮助.
推荐答案
在debian服务器上,我遵循了以下步骤.当我阅读这里,但是它可以工作(wordpress可以编辑,上传和升级-我可以使用sftp上传).
On a debian server I followed these steps. It might not be the most secure solution as I read here, but it works (wordpress can edit, upload and upgrade - and I can upload using sftp).
-
创建一个新用户"user"
Create a new user "user"
创建一个新的组组"(您也可以选择将www-data用作组)
Create a new group "group" (you can choose to use www-data as group as well)
将用户和www-数据添加到组
Add user and www-data to group
usermod -G group user
usermod -G group www-data
检查/etc/group中的组数字ID
例如组:x: 1002
Check group numerical id in /etc/group
e.g. group:x:1002
更改/etc/passwd中的www-data和用户的默认组
例如用户:x:1001: 1002 :...
Change default group of www-data and user in /etc/passwd
e.g. user:x:1001:1002:...
在/etc/php5/fpm/pool.d/www.conf中(以我为例)将group=www-data更改为;group=www-data.现在,nginx将使用我们刚刚设置为"group"的默认www-data组.重新加载服务(php5-fpm).
In /etc/php5/fpm/pool.d/www.conf (in my case) change group=www-data to ;group=www-data. Now nginx will use the default group of www-data which we just set to "group". Reload service (php5-fpm).
将您的wordpress文件夹的所有者递归更改为user:group
Recursively change owner of your wordpress folder to user:group
chown -R user:group /var/www/html
更改wordpress文件夹中的权限(2是将新文件分配到父文件夹的组)
Change permissions in your wordpress folder (The 2 is to assign new files to the parent folder's group)
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
在/etc/login.defs
在wordpress中,通过将define('FS_METHOD','direct');添加到wp-config.php强制执行直接上载(这样就没有ftp). 对于我来说,这是必不可少的步骤.
In wordpress, enforce direct upload (so no ftp) by adding define('FS_METHOD','direct'); to wp-config.php. In my case, this was an essential step.
要使一切正常运行,我需要重新启动.
To get things working, I needed to reboot.
这篇关于LEMP + wordpress文件权限,以便能够编辑,升级和使用sftp客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
