1

Running: Ubuntu 18.04, Nginx 1.14

I read somewhere that running Wordpress in 'fs_direct' mode is a security threat, so I wanted to completely scrap that idea and stick to a local ftp server instead. Here's the issue, I have the two users, www-data (what the server can run/see) and webftp (what Wordpress can upload through vsftpd). I can't have www-data run full permissions for obvious security reasons, but I need webftp to be able to write.

What is the BEST way to run these permissions side-by-side so they don't interfere with one another?

While I am good at most things linux, linux permissions are very confusing to me, so please be patient :)

Tyler DeBoy
  • 31
  • Possible duplicate of Setting up SFTP to log in to server with Filezilla In addition if www-data doesn't have full permissions to the WordPress directory you wouldn't be able to update WordPress and it's plugins through the web interface - the solution in this case is to use wp-cli . – pa4080 Mar 29 '19 at 06:48
  • @pa4080 Thanks so much for your answer. I set everything up, and everything is binding properly. However, now vsftpd complains when I log in, "500 OOPS: vsftpd: refusing to run with writable root inside chroot()" and I am unable to log in. However, I have full rwx permissions when I log in through ssh. Is this a bug, or am I missing something? – Tyler DeBoy Mar 29 '19 at 07:23
  • Nevermind. Was able to work around this by further messing with the config file – Tyler DeBoy Mar 29 '19 at 07:41
  • Happy to help :) Is there any special purpose to use vsftpd instead sftp that comes by default with openssh-server? – pa4080 Mar 29 '19 at 09:04
  • @pa4080 No haha. I use my sftp server for other stuff and I change the configuration all the time. Just wanted something I could set up and forget about – Tyler DeBoy Mar 31 '19 at 21:36

0 Answers0