Can't upload images to posts in Wordpress on server permission issues.
-
mcsmythe
MemberHey folks and Guv perhaps you might have some ideas on this but when I login into the admin panel of Wordpress (which sits on my ubuntu linode) I can add text and even youtube videos but I get an error trying to load images? I think this is probably a simple fix, but since I am noob I am at a loss. It works on my local server but can't install images in my posts. Do I create a folder called wp-content/uploads from the CLI and change permission. Can I add a folder in Filezila and change permission there or is thsi too risky?
I am at a loss since I am a rookie but I am trying to suss this out.
This is the error I get when I want click on the flash add image icon in my posts.example.com/public/wp-content/upLoads/2010/06. Is its parent directory writable by the server?
Posted 1 year ago # -
mcsmythe
Memberthis is the full error I get
it seems simple since there are alot of folks that are way way smarter than me on this but this is the errorUnable to create directory /home/public_html/mysite.com/public/wp-content/upLoads/2010/06. Is its parent directory writable by the server?
Posted 1 year ago # -
Christine Giglio
MemberOk this is my answer as I've had this problem multiple times and just had it today with my new blog I set up.
Most places on the web will say make your directory permissions 777. Don't!!!!
ok guvnr's tutorials has part of the key, I'll give you what I did.
First I had to make sure that I set the user proper in the nginx setup
sudo -i addgroup webmasters usermod -G webmasters username(whereas username is your username)
Since I had done that right I got the message that webmasters was already created.
Then I had to give ownership/etc
chown -R username:webmasters /home/public_html chmod -R g+w /home/public_htmlThat should have done it, but since I am paranoid I looked at Guv's tutorial on installing Wordpress and found this:
sudo chown -R username:webmasters /home/public_html/yourdomain.tld sudo chmod -R g+w /home/public_html/yourdomain.tldI tried to upload and that wouldn't work. So I thought maybe I totally horked something. I did this to change the wp-contents folder permissions to full blown 777:
sudo chmod -R 777 /home/public_html/yourdomain.tld/public/wp-contentAnd uploaded; it worked.
Then I hit the up arrow key (in console) and changed the 777 to 775, that worked too. Then I repeated and changed to 755. I left it at that.I was wondering if I would have this problem next month so I kept the permissions 755 and then removed the 2010 folder and uploaded images again and it worked like a champ.
Hope this helps you resolve it and I hope my instructions were clear enough. Feel free to ask me to clarify if you need it.
Posted 1 year ago # -
"
addgroup webmasters
usermod -G webmasters username
".. hmmn, I've changed my mind on this ..
"
usermod -a -G www-data username
".. is better, placing you in the www-data group.
You can use this to change group recursively:-
sudo chgrp -R www-data /home/public_html
To sort the upload issue, apply this only to the folders to which you need to scp or ftp to:-
sudo chown -R 764 /path/to/upload/folders
.. for WP, at least, that tweak will give you hassle-free access and allow Nginx to facilitate those plugin upgrades/installs etc.
Posted 1 year ago # -
I lost the plot. What is the 'username' in this case? If I log in as admin to the WP control panel, what user am I acting as?
Posted 1 year ago # -
Christine Giglio
MemberNicholas: username == the ssh username you set up to log into your vps.
Pete: if you ls -la in the wp-content directory do you get
your user name and webmasters?
Although according to guv you should add your username to the www-data group and then change the group to www-data. I'd follow his advice. Try what he said, and good luck.Posted 1 year ago # -
"Nicholas: username == the ssh username you set up to log into your vps."
That's what I used. Are you folks talking about getting SFTP to work or getting the WP control panels to allow image uploads, automatic plug-in updates, etc? I was trying to get the latter to work.
Also, this line:
sudo chmod -R 764 /home/public_html/domain.tld/public/wp-content... made all my plug-ins stop working. I had to chmod back to 755.
Posted 1 year ago # -
@Nicholas .. 764 is for your upload folders, folders you need to access via, say, SFTP or SCP.
use 755 for the plugins folder, unless you upload stuff using SFTP etc, in which case you need 765.
and bin the username Admin, if that's what you use .. hackers may brute force you .. read:-
10 Tips To Make WordPress Hack - Proof . The Ultimate Guide. - GUVNR
@Pete .. that's wrong .. you won't be able to upload from the Dashboard with that .. see my above comment
#################################
EVERYONE .. these permissions are only for folders. You files should be 644 .. very important. Check:-ls -la /some/path
#################################Posted 1 year ago # -
hey .. I strapped on a handy permissions tool to guv, use that to learn about these sodding permissions ;)
The main thing is ..
1. always keep permissions as low as poss
2. .. ESPECIALLY FOR OTHERS ie, not user or groups, but for that lot trying to hack you .. (tell me about it!!!)
3. folders can be 765 but ideally 755
4. files never more than 644 .. well, I spose you could get away with 764 but can't see the point anyway.
5. probably something I've forgotten.
6. for wordpress get wp-security scan and use it, WP Firewall is good but may scare you a bit.
7. *** always be upgraded for any web app and any extensions. ***
8. sensible passwords .. damn complicated, ruddy long passwords .. use LastPass so you don't have to remember them because, if they're any good, you'll forget them. 0rusealongPas$wordinst3adhackthis .. you get the idea, slightly overkill eg there.
9. SEPARATE PASSWORDS FOR VPS-CP/VPS-USER/MySQL-ROOT/MySQL-USR/SITE-LOGINS etc. LastPass .. check it out and carry it on a keyfob.~~
I've created a special thread about permissions and the like, here:-Posted 1 year ago # -
> ... read:-
> 10 Tips To Make WordPress Hack - Proof.
> The Ultimate GuideThanks for that _guv. Are the .htaccess steps (9 and 10) needed if you're not running Apache?
Posted 1 year ago # -
no, Nicholas .. the rewrites and other directives we use in the virtual host and other nginx config files are the Nginx equivalent of htaccess. this is the one thing that does not apply from that Top 10.
Posted 1 year ago # -
mcsmythe
MemberThanks All. I love this site and especially these forums. I was so overworked from technology that wnet on a internet sebbatical and whammo I come back and all th eanswers are there. Christine and Guv I really appreciate all the suggestions. I am gonna try and do exactly what you say. I had done what you the Guv had suggested in setting up wordpress and like you christine I did exactly what you did"
First I had to make sure that I set the user proper in the nginx setup
sudo -i
addgroup webmasters
usermod -G webmasters username
(whereas username is your username)Since I had done that right I got the message that webmasters was already created.
Then I had to give ownership/etc
chown -R username:webmasters /home/public_html
chmod -R g+w /home/public_html
That should have done it, but since I am paranoid I looked at Guv's tutorial on installing Wordpress and found this:
sudo chown -R username:webmasters /home/public_html/yourdomain.tld
sudo chmod -R g+w /home/public_html/yourdomain.tld
I tried to upload and that wouldn't work. So I thought maybe I totally horked something."I will now change sudo chmod -R 755 /home/public_html/yourdomain.tld/public/wp-content and this should work. Thanks so much Christine really and also thank you Guv for insight into this matter. You guys rock!!
Posted 1 year ago # -
ok .. here's a nice tip to combat WP permissions (Dashboard uploads install frustration):-
Open bashrc, where you create command aliases:-
nano ~/.bashrc
Adding:-
## GOTO WP Upgrades/Plugin Installations
alias wpnginx="sudo find /path/to/wp-admin -exec chown -R www-data:www-data {} \; && sudo find /path/to/wp-content -exec chown -R www-data:www-data {} \;"
## GOBACK Safe WP Permisisons
alias wpme="sudo find /path/to/wp-admin -exec chown -R USERNAME:www-data {} \; && sudo find /path/to/wp-content -exec chown -R USERNAME:www-data {} \;"Change paths and USERNAME for yours.
Update bashrc:-
source ~/.bashrc
Now, logged into VPS at terminal, typing:-
wpnginx
.. gives web server ownership and uploads/installs from Dashboard are possible. But this is not great for security so, after your admin, revert to safe with:-
wpme
.. you can change those aliases in bashrc to whatever you like.
Posted 1 year ago #
Reply
You must log in to post.
Want HTML?
a blockquote code em strong ul ol liPlace code between backticks `codeHere`
You've got it.