chmod777 So you are having trouble getting WordPress to do all the things WordPress does for you? Maybe someone left out some security instructions in their YouTube video or just takes the chmod 777 approach to life?

Perhaps you took the quick route to getting Apache installed like me, Tasksel… or the dreaded: The uploaded file could not be moved to wp-content/uploads.

cd over to your WordPress dir, good rules of thumb for tight security:

  • All files should be 644.
  • All folders should be 755.
  • wp-config.php should be 600.

Like this (make sure you are in your WordPress dir, you should be here for example: /var/www/html/<your website name>/ ):

sudo find . -type f -exec chmod 644 {} +
sudo find . -type d -exec chmod 755 {} +
sudo chmod 600 wp-config.php

Get the user apache is running on:

ps aux | egrep '(apache|httpd)'

Probably nobody or www-data.

Then own all files in your WordPress directory by the Apache user:

chown -R <Username> /var/www/html/<your wordpress dir>

You DO NOT need to chmod your wp-contents/uploads dir to 777.

More info: