Sunday, May 2, 2010

All about WordPress permissions and security

I'm finding it hard to get a straight answer on what the step-by-step, best-ever settings are for WordPress install folder and file permissions.

When I try to use the WordPress media uploader I get this error message:
"The uploaded file could not be moved to /xx/xx/xx/wp-content/uploads."

I'm running into problems on a new host where, even though everything seems to be 755, it's not letting me upload images, and it is asking for the FTP password every time I install or delete a plugin. I'm guessing this is a host-specific permissions problem.

While I'm solving this problem, I also want to set all the files and folders to the best, most secure permissions so it's ready to go when launched.

Permissions info generally

I tried to change permissions from DW's FTP and it doesn't do anything. So now I have to find out how to chmod.

A brief look and my files seem to be 644, and folders 755... config is 644, so is .htaccess. I notice it doesn't have execute access, which is probably why WP couldn't write to it??
(What's weird is, the exact same WP installation worked on the old server; has this new server changed the folder permissions??? I don't get it... how? It is the exact same files...)
Weird: uploads is 766, which makes me think I changed it to that, but I try and change it again and it doesn't seem to work. Does it take a day to implement?? I change it back to 755, but it does not work...
OK, so I look in the host's control panel, and the permissions changes I made in DW's FTP HAVE taken effect, they just don't show in DW for some reason!!

Steps I have taken:
1/ I tried making a new folder called media, FTPing it up, and uploading to that rather than uploads. Doesn't work right away; I check the permissions and it is 0. Even if I make the folder in the FTP program, it is still 0. So, I doubt it should work; I need to figure out this chmod thing since DW doesn't seem to change the permissions.

2/ Going into the host's cPanel and seeing if I can do any permissions stuff there. Yes, and actually, I see that permissions HAVE been changed from Dreamweaver, but Dreamweaver doesn't show it.

3/ So, I try and upload images to my new media folder, which has 777 permissions. It works. But 777 is bad, so I remove it and test. 755 - doesn't work. 766 - doesn't work.


WordPress forums:
Very helpful read, reply by SanchoPancho: http://wordpress.org/support/topic/253778?replies=39


Directories should have, at most, permissions of 755. If you have a directory that is 777 then that can be written to.

Files should be, at most, 664. If you use the WP editor, you might need these files to be 666 but you really should revert them back to 664 after making any changes. You must never ever have ANY file at permissions greater than 666 unless you are directed specifically to do so.

777
Some hosts will only allow you to upload images (using WP) if the images folder is 777. That leaves your site at a certain level of risk. Email them and check what the minimum permissions are. Despite what they first say, this is NOT a WP issue - it's a security issue.
If your host insists that 777 is the only number, start looking for another host. 755 can be done by hosts (my directories are all 755) that take security seriously.


From WordPress forums:
set the wp-content and folders below it to 777 just for the upload, then change them back to 755
Should try this first, just to get past this problem so I can at least get photos in.

Also, if it turns out only 777 works... see:
Host is OK. They changed PHP rules for this account so that group can write as 775.
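The baseline from the forum reply above (directories 755, files at most 664, nothing world-writable) and the host-dependent 775 alternative, as an added shell example that is not from the original post or the forum thread. It works on a throwaway tree built under mktemp rather than a real install, and the function names are my own. Run the two count functions against the real document root before and after changing anything; if uploads only work at 777, try 775 with the uploads directory group-owned by the web server's group (what the host in the thread arranged) before accepting 777.

```shell
#!/bin/sh
# Added example (not from the post): audit and reset WordPress file permissions
# to the forum baseline, directories 755 and files 644. Function names are my own.

# Count paths under $1 that anyone on the box can write to (777, 766, 666, ...).
# Octal -002 is the "other write" bit; -perm -MODE matches when all bits in MODE are set.
wp_count_world_writable() {
    find "$1" -perm -002 | wc -l | tr -d ' '
}

# Count regular files that exceed the "at most 664" ceiling: any execute bit,
# or write for "other".
wp_count_files_over_664() {
    find "$1" -type f \( -perm -001 -o -perm -010 -o -perm -100 -o -perm -002 \) | wc -l | tr -d ' '
}

# Apply the baseline: directories 755, files 644. "{} +" batches paths into one chmod.
wp_apply_baseline() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Host-dependent alternative to 777 for the uploads directory: group-writable.
# Only helps when the web server runs as (or in) the directory's group, as the
# host in the thread arranged; otherwise uploads still fail and the fix is to
# ask the host, not to fall back to 777.
wp_uploads_group_writable() {
    chmod 775 "$1"
}

# Demo on a constructed throwaway tree that mimics the state described in the post.
wp_demo() {
    root=$(mktemp -d)
    mkdir -p "$root/wp-content/uploads" "$root/wp-admin"
    : > "$root/wp-config.php"
    : > "$root/wp-content/uploads/photo.jpg"
    chmod 777 "$root/wp-content/uploads"      # the "only works at 777" state
    chmod 666 "$root/wp-config.php"           # left at 666 after editing in WP
    echo "before: world-writable=$(wp_count_world_writable "$root") files>664=$(wp_count_files_over_664 "$root")"
    wp_apply_baseline "$root"
    wp_uploads_group_writable "$root/wp-content/uploads"
    echo "after:  world-writable=$(wp_count_world_writable "$root") files>664=$(wp_count_files_over_664 "$root")"
    rm -rf "$root"
}

wp_demo
```

Point the functions at the real document root (for example `wp_count_world_writable /home/account/public_html`) to get the same before/after counts for a live site; a nonzero count after the baseline means something is re-loosening permissions and the host should explain what.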

Basic links - use these to compile my own summary to go through



From here: changing the table prefix to something obscure
http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-database-table-name-prefix/

For some people the database table name prefix changing functionality of WP Security Scan doesn’t work. In that case you may use the following instructions to change it manually.

1. Back up your WordPress database to a SQL file (you can use phpMyAdmin).
2. Open that *.sql file (make another copy first) using a text editor, then find and replace all "wp_" prefixes with "something_".
3. Now, drop all tables of your WordPress database (don't drop the database).
4. Import the *.sql file which has been edited before into your WordPress database.
5. Lastly, edit your wp-config.php file and change $table_prefix = 'wp_'; to $table_prefix = 'something_';
6. You may find that your plugins are deactivated automatically when this happens, so you'll want to activate them again if that's the case… I'd recommend deactivating them prior to doing this anyway as a precaution.
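The same prefix change expressed as SQL statements instead of a text find-and-replace on the dump, as an added shell example that is not from the post or the linked site. A plain find-and-replace across the whole dump also rewrites any "wp_" that happens to sit inside post content or inside serialized option values (where changing a string's length breaks PHP's unserialize), so the function below instead emits RENAME TABLE statements for the table names you pass it (take them from SHOW TABLES) plus the two UPDATEs for rows whose values embed the prefix: the wp_user_roles option and the per-user meta keys (wp_capabilities, wp_user_level). The function name and the example new prefix are mine; it only prints SQL for review and never connects to the database. Steps 1 (backup), 5 (wp-config.php) and 6 (plugins) from the list above still apply.

```shell
#!/bin/sh
# Added example (not from the post or the linked page): emit the SQL for a
# table-prefix change, given old prefix, new prefix, and the table names from
# SHOW TABLES. Function name is my own. Prints SQL only; review it, then run it
# against the database yourself after taking the backup from step 1.

wp_prefix_rename_sql() {
    old=$1
    new=$2
    shift 2
    # 1. Rename every table that carries the old prefix; leave other tables alone
    #    (a shared database may hold tables that are not WordPress's).
    for t in "$@"; do
        case $t in
            "$old"*) printf 'RENAME TABLE `%s` TO `%s%s`;\n' "$t" "$new" "${t#"$old"}" ;;
            *)       printf '%s\n' "-- skipped $t: does not start with $old" ;;
        esac
    done
    # 2. Rows whose *values* embed the prefix. Underscore is a LIKE wildcard,
    #    so escape it in the pattern (MySQL keeps "\_" in a string literal for LIKE).
    like_old=$(printf '%s' "$old" | sed 's/_/\\_/g')
    printf "UPDATE \`%soptions\` SET option_name = '%suser_roles' WHERE option_name = '%suser_roles';\n" \
        "$new" "$new" "$old"
    # SUBSTRING is 1-indexed, so start one past the old prefix's length.
    printf "UPDATE \`%susermeta\` SET meta_key = CONCAT('%s', SUBSTRING(meta_key, %d)) WHERE meta_key LIKE '%s%%';\n" \
        "$new" "$new" "$((${#old} + 1))" "$like_old"
}

# Demo with a constructed table list (a real one comes from SHOW TABLES).
wp_prefix_rename_sql wp_ k3f_ wp_options wp_posts wp_usermeta wp_users not_wp_table
```

Redirect the output to a file, read it, and feed it to the mysql client inside a transaction-free but backed-up session; if any line is skipped that you expected to be renamed, the table list you passed is wrong, not the database.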