[wp-hackers] File management permission/owner best practices

Philip Walton philip at philipwalton.com
Wed Jul 13 16:11:11 UTC 2011

I'm running WordPress on my own server (Debian 6.0) that I have ssh and 
root access to. My web server runs as www-data. I'd like to set up all 
the files in my WordPress directory to user/group philip/www-data, but 
I'm encountering problems.

According to this site 
before WordPress download a plugin/theme it "creates a temporary file 
and confirms that the file just created is owned by the same user that 
/owns the script currently being run/". in this case 
|wp-admin/plugin-install.php|. In my case the file it creates is owned 
by www-data, so it fails because |wp-admin/plugin-install.php |is owned 
by philip.

I could do "chown -R www-data:www-data .", but then I run into issues 
when trying to do things like rsync because I connect via ssh as philip. 
I use rsync to upload my own themes and plugins all the time, and it's 
annoying to constantly have to change the file owners for these types of 

What do other people do to overcome this? What are the recommended best 
practices for those who don't want to use FTP?

p.s. I'm somewhat new to linux, so if I've got it totally backward, 
please set me straight.

More information about the wp-hackers mailing list