Wordpress Linux文件权限和组 [英] Wordpress Linux file permissions and group
问题描述
我有一个Linux服务器(Debian 7),其中有许多需要Wordpress的用户.当我创建用户时,他们应该属于哪个组?今天,我将它们分配给www-data
.
然后他们通过SFTP下载Wordpress并运行安装.
I have a Linux server (Debian 7) with lots of users who needs Wordpress. When I create the users what group should they be in? Today I assign them to www-data
.
Then they download Wordpress by SFTP and runs the installation.
文件应具有哪些文件权限和用户/组,特别是wp-config.php
?
Which file permissions and user/group should their files have, specially wp-config.php
?
现在,用户可以从终端上窥视对方wp-config.php
并读取密码.不太好.
Now, users can peek in eachothers wp-config.php
from the terminal and read the password. Not very good.
由于用户不是root用户,因此无法更改文件权限/wp-config.php
的所有者,这将解决我的问题.
Since the users aren't root they cant change file permissions/owner of wp-config.php
which would solve my problem.
推荐答案
您可以使用Mike Conigliaro的此脚本来正确设置所有wordpress文件的权限.
You can use this script by Mike Conigliaro for for setting permissions correctly on all wordpress files.
WP_OWNER=changeme # <-- wordpress owner
WP_GROUP=changeme # <-- wordpress group
WP_ROOT=/home/changeme # <-- wordpress root directory
WS_GROUP=changeme # <-- webserver group
# reset to safe defaults
find ${WP_ROOT} -exec chown ${WP_OWNER}:${WP_GROUP} {} \;
find ${WP_ROOT} -type d -exec chmod 755 {} \;
find ${WP_ROOT} -type f -exec chmod 644 {} \;
# allow wordpress to manage wp-config.php (but prevent world access)
chgrp ${WS_GROUP} ${WP_ROOT}/wp-config.php
chmod 660 ${WP_ROOT}/wp-config.php
# allow wordpress to manage .htaccess
touch ${WP_ROOT}/.htaccess
chgrp ${WS_GROUP} ${WP_ROOT}/.htaccess
chmod 664 ${WP_ROOT}/.htaccess
# allow wordpress to manage wp-content
find ${WP_ROOT}/wp-content -exec chgrp ${WS_GROUP} {} \;
find ${WP_ROOT}/wp-content -type d -exec chmod 775 {} \;
find ${WP_ROOT}/wp-content -type f -exec chmod 664 {} \;
这篇关于Wordpress Linux文件权限和组的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!