WordPress: The right file permissions

After a while developing WordPress sites I think there are different file configurations:

On production, you wouldn’t want to give access to users to modify the filesystem, you would only want to allow them to upload assets and give access to plugins to manage specific folders to do backups, among others.

Because you would have WordpPress versioned with Git and you would be using deploy keys on the server, it wouldn’t be a good idea give access to users to update plugins on staging nor production environments.

I leave here the production file setup I would have:

# Set uploads folder user and group to www-data
chown www-data:www-data -R wp-content/uploads/

Stagings instance will share the same permissions as production as it should be a clone of it.

Finally, development environment will have access to update plugins, translations, everything…

# Set all files and directories user and group to wp-user
chown wp-user:wp-user -R *

# Set uploads folder user and group to www-data
chown www-data:www-data -R wp-content/uploads/

As you noticed, changing folder owner is irrelevant for Git, but changing file permissions update the file itself, so be careful.

Before create a git repo run these commands on the root of the project (add sudo if necessary):

# Set all directories permissions to 755
find . -type d -exec chmod 755 {} \;

# Set all files permissions to 644
find . -type f -exec chmod 644 {} \;