stackoom
  简体   繁体   中英

WordPress Plugins Upload Defaults to 777 permissions

 原文  2013-01-07 00:46:58       wordpress/ nginx/ chmod/ php

Question

I'm currently using WordPress 3.5 on nginx/1.2.6 with PHP-FPM web server setup on my VPS. I noticed a major security problem whenever I upload a wordpress plugin, it would default all the directories and files to 777 permissions. This would mean that I would need to correct these file permissions manually. I was wondering if anyone else out there had experienced this or has an idea what is causing this and how to fix it so it properly sets the correct permissions.

Any supportive advice would be greatly appreciated.

1 answers

solution1
 0 ACCPTED  2013-01-07 00:57:21

Only having a folder with 777 permission doesn't mean a security issue. If there is a buggy uploader PHP, then hackers could put a backdoor file to those folders. AFAIK wordpress needs writable folders for uploading and installing plugins. If you keep your wordpress up-to-date and if you don't have a buggy PHP uploader, you are not at risk.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WordPress working only with permissions as 777 Wordpress plugin folders default to 777 permissions I can't update wordress, plugins and upload images to media in wordpress with permissions 775 and 644 How to upload plugins in wordpress on docker? TimThumb and 777 permissions Wordpress upload folder permissions 751 Upload plugins in Wordpress running on IIS7 Wordpress - localhost - cant upload images, search plugins Confusing file permissions issues when uploading wordpress plugins Wordpress: You do not have sufficient permissions to install plugins on this site
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM