WordPress: FS_METHOD "direct", how unsafe is it?

Question

WordPress: FS_METHOD "direct", how unsafe is it?

I have a VPS. I would like to avoid installing an FTP server. How is WP FS_METHOD set to directinsecure? What system configuration should be avoided? Right now, PHP / nginx is running www-data, which I set as a secondary group as "root". The permissions for the files are 0775 and belong to www data.

+4

security filesystems wordpress

MultiformeIngegno Dec 13 '13 at 23:52

source share

1 answer

Ramon fincken · Answer 1 · 2014-07-18T14:48:31+0000

if you have one (1) www-data site, that's fine, but when you have more sites you should never give them the same user, regardless of whether you use the direct FS_METHOD in your wp-config or no. What for? If one site is hacked, all the rest will / will be too much.

WordPress: FS_METHOD "direct", how unsafe is it?

More articles: