While those of your running suPHP don’t have to suffer from these problems, those of us who have moved over to nginx and PHP-FPM don’t have an equivalent to suPHP and so are left searching for an alternative configuration.
Image uploads, structure changes and any other WordPress function that requires writing to the disk become a nuisance as it generally means having to go into the shell and setting world writeable permissions on specific files and folders which is not only a pain but is also insecure.Ĭommon but insecure and messy nginx/php-fpm configurations.WordPress automatic updates are a major pain in the ass as it involves setting world writeable permissions to the entire root of your WordPress website – NOT a nice option.
PERMISSIONS FOR PHP FILE SECURE INSTALL
You need to enter ftp account details during the plugin install process which is a pain and may not be an option if your host has disabled ftp in favour of ssh/scp access.It’s also one of those rare occasions where security and usability don’t conflict! Why? One of the biggest pain in the asses for people running WordPress under a system account like www-data is that you inevitably end up with one or all of the following predicaments: These configs generally have php running under Apache with suEXEC and/or suPHP which allow php to execute under individual user accounts rather than a system user like More importantly, it is a much more secure setup. On your average shared host, most hosts are running some variant of cPanel/WHM or Plesk. So fuck it I AM on topic.Īnyway one of the final pieces of my VPS config puzzle was figuring out the best way to configure Nginx and PHP-fpm to play nice with multiple websites requiring individual user accounts on the same VPS. It might not be directly theme related, but it is definitely indirectly related and we’ll show in future a blog post that your theme choice and theme development practices can have a massive impact on your websites performance. (Sidenote: I find it hard not to fall down the rabbit hole once I start digging into anything I’m not currently necessarily very skilled in – a month later I know a lot of VPS tuning kung fu 🙂Īnyway, even though it’s not directly related to WordPress themes, I’ll be writing a detailed blog post series on my experiences tuning this VPS and WordPress over the next couple of weeks.
PERMISSIONS FOR PHP FILE SECURE HOW TO
What started off as a simple exercise to tune up my existing hosting environment to cope with the increased traffic we’re getting lately turned into a full month long exploration of how to tune the hell out of a VPS for optimal performance for extremely high load and in particular extremely high load with WordPress.
I recently moved the blog over to a pretty cool new server config, the same kind that some of the really big boys like Mashable,, WPengine and PHPFog use.
0 kommentar(er)
