[wp-forums] Question about permissions
Shelly
foolish.visions at gmail.com
Wed Oct 4 17:27:05 GMT 2006
I had a quick question that I think you all can help me with.
I've got someone who's needed assistance with Wordpress (not an
Install4Free client - this is just a colleague who's never used it
before, and I'm sort of "teaching" her how to use it for her site). She
was asking me about the images upload thing - where you write a post and
you can upload and image and then stick it in the post.
Of course, the first time she goes to upload something, she gets that
error message about not getting access to the folder, which means her
permissions are not set correctly on the wp-contents folder. The thing
is, it's set at 755 - which hasn't been a problem for editing files
through the damin panel. The only way she can upload images is to set
the wp-content folder at 777 - which I've told her is a major security
risk to change it to that and leave it.
I've told her she can either FTP the images in, or she can contact her
host and have them change a setting so the "755" (or 746 - which is also
working for files) would be "good enough" to let Wordpress create the
folder and allow file uploads.
She has decided to contact the host, because in her mind, when she gets
clients and wants to utilize Wordpress for them, they won't have a clue
as to how to FTP and call in the images with HTML - they just want to
upload and go.
Now, I'm not very good at explaining things - maybe it's because I odn't
own my own server and know the jargon. But can the web host "change a
setting" so that the 755 permission is good enough to allow the image
upload to happen? And the host has some setting *now* that means it
*has* to be set at 777 - but the host can change that, right?
I hope I'm making sense.
It's really hard because, like I said, I don't know the jargon, and she
has *no clue* as to what's going on at all and she's trying to take my
ill-formed words and explain to the host what they need to do - so of
course *they* are confused. They're telling her to just change the
permissions on the folder to 777 and the problem is solved.
Anyway, is there something I can say that she can just pass directly to
the host so they know what I'm talking about? That they just need ot
change whatever setting it is to make the permissions a little bit
stricter but still allow Wordpress to do what it needs to do, without
opening the whole thing up for a hacker buffet? (That *is* right,
right? They *can* do this, - if I'm wrong, please tell me, because it's
been my impression that they can!)
I just don't know how to *say* it so that it can happen.
I'd appreciate anything you can tell me about this!
~Shelly
More information about the wp-forums
mailing list