I just recently installed PHP and wordpress on our coldfusion box and wordpress is throwing me an dialog saying I need to input FTP information so wordpress can alter the files. I read up on this and basically this only comes up if wordpress cannot manipulate the files directly via PHP/apache user.
My question is now how should I set the folder permissions so things are secure and play nicely?
The wordpress root folder has the following permissions
drwxrwxr-x 6 wwwtech root 4096 Feb 21 14:09 home
files and folders within have
-rw-r--r-- 1 wwwtech root 418 Sep 25 2013 index.php
drwxr-xr-x 9 wwwtech root 12288 Jan 23 20:17 wp-admin
PHP and apache are running under user tech
tech 12465 0.0 0.0 9400 936 pts/0 S+ 09:58 0:00 grep --color=auto php
and are part of group
tech : tech root adm dialout cdrom plugdev sambashare lpadmin admin
For starters, the WordPress Codex has a wealth of information on this very topic. For the sake of brevity that should take care of most of it; however, there are some relievant points that should be made:
wp-content/uploadsandwp-content/cachefolders to be the same user|group that runs PHP should be sufficient. Please keep in mind that some plugins require thewp-contentfolder be made writeable, but in such cases typically you will be notified. In some cases, this may require assigning 755 permissions.