WordPress permissions

It had been a while since I had written anything on this blog, and I was using some ancient version of WordPress with some dodgy custom theme I built. Inevitably I decided an upgrade would be worthwhile. I won’t bore you with the details as there are already plenty of brilliant guides out there to do that.

The other day I decided to write a post on my sparkly new blog, and thought why not brighten it up a bit with some images. I clicked Add Media, dragged and dropped my images onto the shiny new upload window, and it didn’t work.

There was an error writing to the wp-content/uploads/… folder.

The correct fix was relatively easy, however it wasn’t outlined in detail at any one place, until now!

If you too are hosting WordPress using nginx on a Linux server then follow these steps to configure WordPress to accept uploads whilst remaining secure.

  1. Find your nginx config file, mine was under /etc/nginx/nginx.conf and open it up.
  2. The first line should read something like user www-data;
  3. This describes who nginx runs as. By default it’s www-data.
  4. This user needs to be able to write to the wp-content/uploads folder.
  5. Navigate to your WordPress installation folder and execute chown -R www-data:www-data wp-content/uploads (you may need to prefix this with sudo depending on your security setup).

Voila! The user www-data now owns that directory and you will be able to upload files there.

Don’t take the easy option of chmod 777 your WordPress install directory, stay secure and follow the above instructions.

Leave a Reply