If you have been using WordPress with the LAMP stack, sooner or later you would stumble upon the following popup:
Connection InformationTo perform the requested action, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.
This might happen when you try to install or update a theme or a plugin in WordPress. It is important to understand that the popup is not an error but a security measure. Nevertheless, it can be quite annoying, especially if you are trying to do what should be a simple and straightforward operation like installing or updating a plugin or a theme. Usually, the popup occurs because WordPress requires elevated permissions to perform certain actions on your website. This is a security measure to ensure that only authorized users can make changes that could potentially affect the functionality or security of the site. If you are on a LAMP server, this means that the Apache user does not have the needed permissions to add any additional code on your website. In some situations, this might be a great safety measure. Imagine that some attacker attempts to authenticate as the web server user. If this feature is on, even if his attack is successful and he somehow authenticates as your server user, he will still not be able to perform any malicious operations. User permissions are a great feature of unix-based systems like Linux but they should be handled with care and provide a lot of confusion. Do not change permissions, unless you know what you are doing. You have been warned.
Method 1: Provide the necessary information
If you are using a hosting provider such as HostArmada, when buying a hosting account, you will receive all the necessary information that you need to fill in the above popup (hostname, ftp user and password). The hostname is the ip address of the server, the ftp user is the cpanel user and the password is your cpanel password. Just enter the credentials and the actions will be completed.
Method 2: Update wp-config.php file
If you are fine to allow WordPress to write to wp-content, you can allow this with adding the below code just before the “That’s all, stop editing! Happy publishing.” line in wp-config.php:
In this way, the popup will not appear anymore when trying to add or update a plugin or a theme.
Method 3: Update Apache user permissions
This approach requires that you have ssh access to your webserver and you have some basic understanding of file permissions. In order to allow WordPress to write to the wp-content folder, you should add ownership of the WordPress folder (recursively) to the apache user. You might be tempted to give the ownership to the root user, but you should never do that, as it is a big security issue. First, find the name of the apache user by going to httpd.conf and inspect the file. Depending on your LAMP configuration, the apache conf file can be located in different places. The easiest way to find it is to use the locate command:
This will give you the file path. It should be something similar to
/etc/apache2/httpd.conf. Open the file with the nano editor and locate the following lines:
sudo nano /etc/apache2/httpd.conf
<IfModule unixd_module> # # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch. # # User/Group: The name (or #number) of the user/group to run httpd as. # It is usually good practice to create a dedicated user and group for # running httpd, as with most system services. # User apache Group apache </IfModule>
In this situation, the user is apache but it might be something different on your setup. Once you know the name of the user, update the file permissions. In the ssh terminal add the following permissions: (replace the user and the file path accordingly)
sudo chown -R apache:apache /var/www/html/mywesomewebsite.com
sudo chmod -R 755 /var/www/html/myawesomewebsite.com
Please note: changing user permissions is a dangerous and sometimes irreversible command. Make sure you 100% know what you are doing. The above two commands modify the ownership and permissions of files and directories recursively within the current directory. Setting the permissions of all files and directories in the current directory to 755 is a common permission setting for web server directories that ensures proper functionality while maintaining security.