Permissions / Wordpress on Bitnami/AWS

pulverized 2013-03-25 21:42:58 UTC #1

I created an instance on Amazon Web Services using Bitnami for a Wordpress site. I've been able to customize the site using WP widgets and plugins, but I can't use the Editor to edit page-title.php or other pages: "You need to make this file writable before you can save your changes. See the Codex for more information."

I haven't been able to figure out how to get myself write access to these files, partly because I don't understand where these permissions are set or how to alter them. Compounding this (I think), I have built our website on BitNami WordPress 3.4.2-1, but I can't seem to Manage my Bitnami account (I'm assuming I have one).

beltran 2013-03-26 12:15:45 UTC #2

Hi, for security reasons the WordPress files are not editable by default. I added a section in the BitNami Wiki to know how to enable it temporarily.

http://wiki.bitnami.com/Applications/BitNami_Wordpress#How_to_edit_the_WordPress_files.3f

I hope it helps

pulverized 2013-03-27 23:11:01 UTC #3

I wound up leaving permissions alone--so I still can't edit my Wordpress website using the GUI--but you helped me identify the right rabbit hole to go down. I downloaded Filezilla and used the instructions you provided to replace the .php file I wanted to correct with my local .php file. Thanks.

beltran 2013-03-28 12:38:21 UTC #4

Glad to hear that. This is the best approach to edit the WordPress files remotely.

alexinternet 2014-01-07 16:28:25 UTC #5

Hi Beltran,
To be able to edit my wordpress php files directly, I ran this command:

$ sudo chown daemon:daemon /opt/bitnami/apps/wordpress/htdocs

Now, I am getting a 403 forbidden when trying to access any wordpress page

my site is: wears.me.

Can you help? Thanks!

carlos_corrales 2014-01-07 16:44:08 UTC #6

Hi @alexinternet,

What else have you changed? Just changing the htdocs permissions to daemon shouldn't be doing what you said.
If you want to try, the default permissions in AWS are bitnami:daemon, so you can check if executing

$ sudo chown bitnami:daemon /opt/bitnami/apps/wordpress/htdocs

it works again, but I think it is not going to work. Could you please give us more information? Have you changed any configuration file? Could you post here the content of your Apache log files?

Best regards,
Carlos

alexinternet 2014-01-07 17:27:15 UTC #7

Hi Carlos, the only other thing I changed is moved my wordpress site to the root using this command:

$ sudo /opt/bitnami/apps/wordpress/bnconfig --appurl /

To fix my "403 forbidden" issue, I just ran the following commands to regain access to everything:

$ sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs/
$ sudo find /opt/bitnami/apps/wordpress/htdocs/ -type f -exec chmod 664 {} \;
$ sudo find /opt/bitnami/apps/wordpress/htdocs/ -type d -exec chmod 775 {} \;

So, any suggestion on what command to run to edit my wordpress files? I still see:
"You need to make this file writable before you can save your changes" in my WordPress theme editor UI

Thanks!

carlos_corrales 2014-01-08 14:58:33 UTC #8

Which file is it asking for permissions? Which permissions does it have?

Best regards,
Carlos

cwvanderreyden 2014-03-30 22:53:45 UTC #9

So i found a general catch all solution that seems to have worked for me.

People have been saying to change the owner of the files, but you can preempt the need to change the owner by editing the Apache configuration file at:

/opt/bitnami/apache2/conf/httpd.conf

scroll down to the section just after the DSO module loadings and just after the PHP lines where it says:
(please note that I changed the normal <> tags to [ ] because of some sort of limitation in posting code here)
BEGIN CODE

[IfModule unixd_module]
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User daemon
Group daemon

[/IfModule]'
END CODE

Simply change User daemon to User bitnami and then run these commands:

/opt/bitnami/apache2/scripts/ctl.sh stop apache2
/opt/bitnami/apache2/scripts/ctl.sh start apache2

Could not create directory during Plugin Update

cristian 2014-03-31 18:17:27 UTC #10

Hi @cwvanderreyden

although it works, we encourage people not to do it unless they really want to do it this way, and only if they know what are the problems that can face with this modification. We configure the user and group as daemon because this is one of the best ways to secure the Apache server from hackers and exploiters.

If you set the user and group as "bitnami", and someone finds an exploit or hack your Wordpress (or any app under this configuration), depending on the hack/exploit, they could be able to access to your machine and run shell commands. Using the "daemon" user and group, they won't be able to do it, as it is secured.

Best regards.

nagaraj116 2016-07-24 09:48:09 UTC #11

Where to run this? In FTP? I don't know anything plz help.

dgonzalez 2016-07-26 13:18:02 UTC #12

Hi @nagaraj116,

You must log into that machine through a protocol called SSH (stands for Secure Shell). The guide for doing it with AWS is here.

If after following the advices posted above you couldn't solve your issue, do not hesitate to write us back here (or, maybe, on another topic you can create).

Best regards,

David Gonzalez

nagaraj116 2016-07-26 17:57:41 UTC #13

@dgonzalez Thanks for your response. Actually, I tried as in the tutorial for many times but nothing worked.

apolvillo 2016-07-27 14:40:53 UTC #14

Hi @nagaraj116

If you run that command you will give permission to the folder /opt/bitnami/apps/wordpress/htdocs but not to the files inside that folder. If you want to give permission to all the files, you must run this command:

sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs

If you have any questions do not hesitate to ask, thank you.

Hope it helps.

Best regards,
Alejandro.

kpatelneha23 2017-03-22 14:19:23 UTC #15

Hi,

The link does not work? Can you please resent it.

Thank you,
Neha

dgonzalez 2017-03-23 14:43:13 UTC #16

Hi @kpatelneha23,

That link was pointing to our old documentation site.
Please, find below the answer:

For security reasons, WordPress files are not editable from the WordPress application itself [using WordPress’ built in Theme Editor]. If you are using a Virtual Machine or a Cloud Image, we would suggest to use a FTP client to edit the files remotely.

Another option is to change the permissions to be able to edit from the WordPress application temporary. Note that this configuration is not secure so please revert it after editing the files temporarily:

$ sudo chown -R daemon:daemon /opt/bitnami/apps/wordpress/htdocs
# To revert this change you can run the following command:
$ sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs

Is there anything else that we can help you with?

Best regards,

David González

spencerfcloud 2017-04-24 00:12:11 UTC #17

When I need to modify WP sites, sometimes I need to modify the files through FTP, and sometimes I need to modify the files through the WP-admin panel. I've tried everything on this post and more, but nothing seems to work properly - including @cwvanderreyden 's modification of the httpd.conf file. Nothing works except for changing the owner of htdocs back and forth from bitnami and daemon, and it's time consuming and tedious, especially on the sites where there are other users that need to modify using the WP-admin panel.

Does anyone have any other solution, or suggestion on where I could be going wrong with @cwvanderreyden 's fix? (I made extra sure to stop and restart the script and tried it multiple times.)

jorgemarin 2017-04-25 09:53:46 UTC #18

Hi @spencerfcloud
We strongly discourage the solution that implies modification of httpd.conf file.

Since Bitnami WordPress Stack 4.6.1-1

... it should be possible to edit files from the WordPress admin panel without any modification.

If you are using an older version of WordPress

... and you want to modify files from WP-admin panel you need to grant permissions to Apache to modify those files.
But by doing that you allow Apache to interpret other files that may be maliciously placed next to the files you want to edit.

That's the reason why you need to change permissions back and forth if you want to stay secure.

$ sudo chown -R daemon:daemon /opt/bitnami/apps/wordpress/htdocs
# To revert this change you can run the following command:
$ sudo chown -R bitnami:daemon /opt/bitnami/apps/wordpress/htdocs

Hope this helps.

Regards,
Jorge

spencerfcloud 2017-04-29 17:08:31 UTC #19

@jorgemarin There must be something wrong with my setup then. I'm using WordPress version 4.7.4 and I need to use 'sudo chown' every time I want to switch permissions to edit the WP files or use the WP-admin panel. Do you know what might be wrong?

dbarranco 2017-05-01 12:05:51 UTC #20

Hi @spencerfcloud

That is a feature of the command chmod. You can't change the ownership of a file unless you're an owner of that file.

There are a few cases on stackoverfow talking about it:

Bitnami provides free all-in-one installers, virtual machines and cloud images for popular open source applications. Get them now!