When I use wordpress to install a new theme it creates the permissions and ownership in such a way that I can’t edit the files via FTP.
Any ideas?
(Using Plesk)
new theme permissions don’t allow me to edit
Leave a Reply
You must be logged in to post a comment.
Given that you are the webhost:
If the server is a dedicated server, or you’re in any situation where you’re the only user of the server in question, then this is a GOOD thing! It means your setup is more secure this way.
It basically means that somebody who hacks into your site through the webserver “door” will have a limited set of permissions, and will be unable to edit files. Which is exactly what you want to happen.
If this is a “shared” server, where you’re hosting more than one site and have more than one “user”, then you need to change the webserver to run using a method known as “SetUID”. There’s many ways to do this, suPHP, FastCGI in a setuid wrapper, etc. This makes the PHP process which is running the site run as the user who owns the PHP files, providing increased intra-user security.
Now, you may think, “why would running as the owner of the files be more secure?” Answer: Different circumstances. When more than one user has a web directory on the site, all being served by the same webserver, then the webserver user has access to all those users files (read-only, sometimes more). But each user should be locked down to see their own files. So in the event of a compromise, you want the hacker to have the rights only of one of those users, not of the webserver user.
So, basically, if you really want, you can change the ownership of the theme files to be those of the webserver user (or rather, whatever user the PHP process is running as), and thus get access to them in the WP editor. But, unless you’re setup for a shared server environment and using setuid wrappers to be more secure in that fashion, then you really don’t want that.
When you install the theme via WordPress, the web server is the one creating the files for the theme and as a result, they will be owned by the user that webserver is running under (which is most likely why you can’t edit them).
You can change the ownership on the files with the command:
chown -R [your ftp username]:[your ftp usergroup] ./theme-directory
You also may need to change the permissions on the theme files, permissions are highly web server setup dependant.
More information about permissions:
http://codex.wordpress.org/Changing_File_Permissions
The only directory within WordPress that generally needs to be writeable by the web server is the /wp-content/uploads directory. None of the files need to be ownable by the webserver user (in a shared environment they shouldn’t be, on a dedicated host it’s less of an issue).
Contact your webhost. It sounds like the user that the webserver is running as isn’t the same as your FTP user. This can cause other problems within WordPress as well. If you FTP the themes into place, I doubt you’ll be able to update the WP core, themes and plugins with the built-in updater, without entering your FTP credentials.