问题描述
我正在尝试在运行nginx的debian网络服务器上管理文件权限,以便wordpress可以编辑,上传和升级,而不必使用ftp.我还希望能够使用sftp和我的用户帐户登录.
I am trying to manage file permissions on a debian webserver that runs nginx, so that wordpress can edit, upload and upgrade without having to use ftp. I also want to be able to login using sftp with my user account.
我知道之前曾有人问过这个问题,请参阅或此处,但请按照这些答案中的步骤进行操作一直不满意.当前的设置如下:
I am aware of the fact that this question has been asked before, see hereor here, but following the steps in those answers hasn't been satisfying. The setup currently looks as follows:
-
wordpress文件夹位于
/var/www/html/
我创建了一个新用户("user")和一个组("group").服务器用户是"www-data".
I made a new user ("user") and group ("group"). The server user is"www-data".
wordpress文件夹中的所有文件均归user:group所有.
All files in the wordpress folder are owned by user:group.
用户"和"www-data"都设置为属于组".
Both "user" and "www-data" are set to belong to "group".
我更改了文件和文件夹权限,如下所示:
I changed file and folder permissions as follows:
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
我将默认umask设置为0002.
I set the default umask to 0002.
我以为这应该可行,但是目前我可以在wordpress中编辑和上传文件,但不能更新wordpress,功能或主题.
I would have thought this should work, but currently I can edit and upload files from within wordpress, but not update wordpress, functions or themes.
- 它也不适用于将组"设置为用户"和/或"www-data"的默认组(通过编辑
/etc/passwd).
或者,我在user:www-data拥有的/var/www/html/中制作了所有文件,但是也没有成功.
Alternatively, I made all files in /var/www/html/ owned by user:www-data, but also without success.
我似乎不需要ftp就能更新wordpress的唯一方法是使wordpress-folder及其所有文件都归"www-data"所有.不幸的是,结果是我无法使用sftp-client上传文件(因为目标现在是一个不属于用户"的文件夹).
The only way I seem to get wordpress to update without ftp is by making the wordpress-folder and all its files owned by "www-data". Unfortunately, the result of that is that I cannot upload files using an sftp-client (because the target is now a folder that is not owned by "user").
怎么可能?据我了解,这些步骤应该赋予wordpress适当的权限,但还是有问题.
How can this be? As far as I understand these steps should give wordpress the proper permissions, but something still is wrong.
非常感谢您的帮助.
推荐答案
在debian服务器上,我遵循了以下步骤.当我阅读这里,但是它可以工作(wordpress可以编辑,上传和升级-我可以使用sftp上传).
On a debian server I followed these steps. It might not be the most secure solution as I read here, but it works (wordpress can edit, upload and upgrade - and I can upload using sftp).
-
创建一个新用户"user"
Create a new user "user"
创建一个新的组组"(您也可以选择将www-data用作组)
Create a new group "group" (you can choose to use www-data as group as well)
将用户和www-数据添加到组
Add user and www-data to group
usermod -G group user
usermod -G group www-data
检查/etc/group中的组数字ID例如组:x: 1002
Check group numerical id in /etc/groupe.g. group:x:1002
更改/etc/passwd中的www-data和用户的默认组例如用户:x:1001: 1002 :...
Change default group of www-data and user in /etc/passwde.g. user:x:1001:1002:...
在/etc/php5/fpm/pool.d/www.conf中(以我为例)将group=www-data更改为;group=www-data.现在,nginx将使用我们刚刚设置为"group"的默认www-data组.重新加载服务(php5-fpm).
In /etc/php5/fpm/pool.d/www.conf (in my case) change group=www-data to ;group=www-data. Now nginx will use the default group of www-data which we just set to "group". Reload service (php5-fpm).
将您的wordpress文件夹的所有者递归更改为user:group
Recursively change owner of your wordpress folder to user:group
chown -R user:group /var/www/html
更改wordpress文件夹中的权限(2是将新文件分配到父文件夹的组)
Change permissions in your wordpress folder (The 2 is to assign new files to the parent folder's group)
find /var/www/html/ -type d -exec chmod 2775 {} +
find /var/www/html/ -type f -exec chmod 664 {} +
在/etc/login.defs
在wordpress中,通过将define('FS_METHOD','direct');添加到wp-config.php强制执行直接上载(这样就没有ftp). 对于我来说,这是必不可少的步骤.
In wordpress, enforce direct upload (so no ftp) by adding define('FS_METHOD','direct'); to wp-config.php. In my case, this was an essential step.
要使一切正常运行,我需要重新启动.
To get things working, I needed to reboot.
这篇关于LEMP + wordpress文件权限,以便能够编辑,升级和使用sftp客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!