Permissions the files in wordpress, the best practice!

 

Variables to considers.

Owner=root

Group=myuser

path_wordpress=/var/www/html/wordpress 

Note: myuser can be www-data.

Permission in linux.

    0 = No Permission
    1 = Execute
    2 = Write
    4 = Read

reset to safe defaults.
find /var/www/html/wordpress -exec chown root:myuser {} \;
find /var/www/html/wordpress -type d -exec chmod 755 {} \;
find /var/www/html/wordpress -type f -exec chmod 644 {} \;

 

root in files = 6 -> Write+Read

root in directory = 7 ->Write+Read+Execute

 

myuser in files = 4 -> Read

myuser in directory = 5 -> Read+Execute

 

everyone in files = 4 -> Read

everyone in directory = 5 -> Read+Execute

 

Enable Write in some folders.

 

Allow wordpress to manage wp-config.php (but prevent world access)

chgrp myuser /var/www/html/wordpress/wp-config.php
chmod 660 /var/www/html/wordpress/wp-config.php 

 

 Allow wordpress to manage wp-content

find /var/www/html/wordpress/wp-content -exec chgrp myuser {} \;
find /var/www/html/wordpress/wp-content -type d -exec chmod 775 {} \;
find /var/www/html/wordpress/wp-content -type f -exec chmod 664 {} \;

 

 

Source: https://gist.github.com/Adirael/3383404