Caddy, WordPress, wp-content permission

I created a caddy based WordPress installation on Ubuntu 20.04 using the last caddy version.

The caddyfile is simple:

domain.xx {
tls admin@domain.xx
root * /var/www/domain.xx/
php_fastcgi unix//run/php/php7.4-fpm.sock
encode gzip
file_server
}

I am facing issues with
a) uploading media files
b) installing/deleting plugins
c) deleting themes (and so surely also adding themes)

Following user/group rights are assigned:

var/www/domain/ → www-data:ww-data rwxrwxr-x (0755)
var/www/domain/wp-content → www-data:ww-data rwxrwxr-x (0755)
Same applies to wp-content sub-directory plugins, uploads and themes

Caddy is assigned to group www-data

I also tried:

chown -R caddy:www-data /var/www/domain/wp-content/ → meanding caddy:www-data (0755)

I added the following line to wp-config.php:

define( ‘UPLOADS’, ‘wp-content/uploads’ );

So I was fixing the issue that no media files could be uploaded.

BUT!
I am facing similar issue with themes and plugins.
Only FTP is possible:
“To perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.”

I am confused.
Which user and which goup I should set recursively on /var/www/domain/wp-content/
Which user I should add to which groups?

I saw a solution here:

To be able to upload without FTP they claim you should add the following line to config.php:

define(‘FS_METHOD’, ‘direct’);

But again no success!

Any advice?
What I need to change to be able WordPress has full file access to /wp-content ?

I think you need the permissions to be 775 rather than 755. PHP is probably running as the www-data user when accessing those files, since it doesn’t own them (caddy user owns them) then it uses group permissions (i.e. 2nd number). 5 means read (4) + execute (1), but no write permissions. 7 means read (4) + write (2) + execute (1).

The other option is you can probably change the owner to www-data (with the chown command) and keep the permissions the same, because the caddy user should be part of the www-data group, and it only typically needs read access to your site anyways.

Hi Francis, thanks for your answer.

Below you can see the relevant processes:

htop_012468×161 20.1 KB

htop_022464×39 5.81 KB

As you can see php-fpm runs as caddy, only the php-fpm master process runs as root.
Again: User caddy is member of group www-data and caddy…

Now I tested the different chown combinations (each with oktal 0775):
caddy:caddy
www-data:www-data
caddy:www-data
All those versions do not succeed!

What I should check or change now?

Hmm, strange. Could you try running php-fpm as www-data instead?

This doesn’t seem like an issue with Caddy ultimately, but rather PHP and your filesystem.

Is there a way to send a private message?

Sorry, I don’t do private support.

OK, no issue

I don’t think you’re dealing with a Caddy issue here.

FWIW, for a WP container using a bind mount for WP files…

admin@ub20-BHYVE:~/docker/wordpress/html$ ls -l
total 198
-rw-r--r--  1 www-data www-data   405 Feb  6  2020 index.php
-rw-r--r--  1 www-data www-data 19915 Feb 12  2020 license.txt
-rw-r--r--  1 www-data www-data  7278 Sep 26 00:38 readme.html
-rw-r--r--  1 www-data www-data  7101 Jul 29 01:20 wp-activate.php
drwxr-xr-x  9 www-data www-data    97 Aug 12 02:15 wp-admin
-rw-r--r--  1 www-data www-data   351 Feb  6  2020 wp-blog-header.php
-rw-r--r--  1 www-data www-data  2332 Jul 23 08:52 wp-comments-post.php
-rw-r--r--  1 www-data www-data  3201 Sep 30 03:52 wp-config.php
-rw-r--r--  1 www-data www-data  2823 Sep 30 03:51 wp-config-sample.php
drwxr-xr-x  7 www-data www-data     8 Sep 26 00:38 wp-content
-rw-r--r--  1 www-data www-data  3940 Feb  6  2020 wp-cron.php
drwxr-xr-x 24 www-data www-data   220 Aug 12 02:15 wp-includes
-rw-r--r--  1 www-data www-data  2496 Feb  6  2020 wp-links-opml.php
-rw-r--r--  1 www-data www-data  3300 Feb  6  2020 wp-load.php
-rw-r--r--  1 www-data www-data 48761 Jul  7 11:59 wp-login.php
-rw-r--r--  1 www-data www-data  8509 Apr 14  2020 wp-mail.php
-rw-r--r--  1 www-data www-data 20181 Jul  6 18:50 wp-settings.php
-rw-r--r--  1 www-data www-data 31159 Jul 24 05:11 wp-signup.php
-rw-r--r--  1 www-data www-data  4755 Feb  6  2020 wp-trackback.php
-rw-r--r--  1 www-data www-data  3236 Jun  9 03:55 xmlrpc.php

Hi, thanks for checking as well !!!

My user rights are as follows:

drwxrwxr-x 5 www-data www-data 4096 Nov 11 05:16 .
drwxr-xr-x 4 www-data www-data 4096 Nov 9 15:00 …
-rwxrwxr-x 1 www-data www-data 405 Feb 6 2020 index.php
-rwxrwxr-x 1 www-data www-data 19915 Feb 12 2020 license.txt
-rwxrwxr-x 1 www-data www-data 7278 Jun 26 13:58 readme.html
-rwxrwxr-x 1 www-data www-data 7101 Jul 28 17:20 wp-activate.php
drwxrwxr-x 9 www-data www-data 4096 Oct 30 20:41 wp-admin ******************
-rwxrwxr-x 1 www-data www-data 351 Feb 6 2020 wp-blog-header.php
-rwxrwxr-x 1 www-data www-data 2332 Jul 23 00:52 wp-comments-post.php
-rwxrwxr-x 1 www-data www-data 3258 Nov 10 12:20 wp-config.php
-rwxrwxr-x 1 www-data www-data 2913 Feb 6 2020 wp-config-sample.php
drwxrwxr-x 5 caddy www-data 4096 Nov 11 07:08 wp-content ******************
-rwxrwxr-x 1 www-data www-data 3940 Feb 6 2020 wp-cron.php
drwxrwxr-x 24 www-data www-data 12288 Oct 30 20:41 wp-includes ******************
-rwxrwxr-x 1 www-data www-data 2496 Feb 6 2020 wp-links-opml.php
-rwxrwxr-x 1 www-data www-data 3300 Feb 6 2020 wp-load.php
-rwxrwxr-x 1 www-data www-data 48761 Jul 7 03:59 wp-login.php
-rwxrwxr-x 1 www-data www-data 8509 Apr 14 2020 wp-mail.php
-rwxrwxr-x 1 www-data www-data 20181 Jul 6 10:50 wp-settings.php
-rwxrwxr-x 1 www-data www-data 31159 Jul 23 21:11 wp-signup.php
-rwxrwxr-x 1 www-data www-data 4755 Feb 6 2020 wp-trackback.php
-rwxrwxr-x 1 www-data www-data 2913 Feb 6 2020 wwp-config.php
-rwxrwxr-x 1 www-data www-data 3236 Jun 8 19:55 xmlrpc.php

As said I trief also with caddy:www-data and can switch back to www-data:www-data if needed.

But I have no idea where to locate the issue or which steps would be best to identify…

This topic was automatically closed after 30 days. New replies are no longer allowed.