ftp_nlist() and ftp_pwd() warnings

After all, it was already in the question!

Context

Both plugins are related to my WordPress site theme (uplift). I can’t understand what it is doing or where, but when it detects that the owner of the files isn’t its executing user (apache), it changes the access method to FTP.

This action doesn’t seem logical, to me, because even if I do 775 user:apache (pseudo-code), it doesn’t’ work (it is searching for the owner, not if it has permissions). I could do 575 apache:user but in that case, apache can run CHMOD, so it is pointless.

Also, this is happening outside of wp-content. And is not documented by the plugins or theme, which for me, seems a security issue. 0 results for “owner” and “permission” in the documentation.

Solution

Just add define('FS_METHOD', 'direct');.

With a little precaution! This needs to be added before require_once( ABSPATH . 'wp-settings.php' );. Why? Again, no idea. However, this is a requirement for several configurations as you can see by the Editing wp-config.php docs page

Cautions

As stated in this answer, using FS_METHOD can pose a security risk in shared hosting. Not my case, so my investigation ended here.

Missing

Please feel free to answer the following doubts (in the comments or with an answer, I will accept the answer or complement mine, accordingly):

  1. What is uplift theme doing? Why do they need to check the owner?
  2. Why does the FS_METHOD setting needs to be loaded before the wp-settings.php page?
  3. What would be the solution for a shared hosting scenario?

Related Posts:

  1. MySQL error 1449: The user specified as a definer does not exist
  2. Destination directory for file streaming does not exist or is not writable
  3. How to to secure WordPress file and folder permissions
  4. WP in Docker – cannot install plugin or upgrade WP
  5. Create custom permissions for user type
  6. WordPress REST API – Permission Callbacks
  7. Can’t upload images due to permissions error
  8. add_menu_page permissions – what am I doing wrong?
  9. Recommended File Permissions
  10. Network Admin “You do not have sufficient permissions to access this page.”
  11. What’s the difference between the permissions “edit_published_posts” and “edit_posts”
  12. Wrong permissions when uploading a file through WordPress | IIS
  13. WordPress in IIS 7.5 – “cannot create directory”
  14. What permissions should i have set up for the Database User after i have WordPress set up?
  15. Why is group ownership with rwx permissions not enough?
  16. Editing WordPress Permissions in LAMP – Ubuntu 11.10
  17. How can I limit WordPress editor roles to a specific category?
  18. Safe to set permissions to 757 temporarily to update via wp-cli?
  19. Does WordPress have fine-grained view permissions?
  20. WordPress debug.log is not updating
  21. WordPress file permissions for editing on local Ubuntu development machine
  22. Troubleshoot “You do not have sufficient permissions to access this page.”
  23. plugin install wants ftp (chown and 755 not enough)
  24. can’t change footer
  25. permissions access error
  26. Permissions Issue with WordPress
  27. What user/group does WordPress belong to in terms of file permissions?
  28. Enable plugin installs without FTP with user from same group as Nginx/PHP-fpm
  29. Iframe a WordPress template
  30. How to configure apache to create files with correct group owner [closed]
  31. Moved my WordPress site and now it can’t read the theme
  32. Applying roles to an admin sub-menu (eg Appearance -> Menus)
  33. WordPress unable to create folders even though correct NTFS-rights are set
  34. WordPress php mysql errors – errcode: 13 permission denied
  35. Safari not “giving Permission to Open This Page” when trying to load pdf from wordpress site [closed]
  36. Invalid changeset UUID WordPress
  37. Group ownership permissions don’t allow web server to update WordPress content
  38. Should Apache own /var/www/domain.com directory in WordPress?
  39. Grant user rights to access certain tabs of a plugin
  40. Permissions in a Local Dev Environment (OS X)
  41. Running WordPress as FTP user?
  42. How to to secure WordPress file and folder permissions
  43. Return scheduled posts with WP REST API
  44. wp-content Folder Permissions (777 OK?)
  45. Permission of 775 not enough
  46. failed to open stream: Permission denied for WordPress plugin
  47. How to prevent plugins from being uninstalled
  48. Implement Javascript Code in the footer if user is logged in
  49. Reseting file permissions
  50. What is the “user account” for WordPress’ file permissions?
  51. Auto-update failing with “hardened” permissions
  52. Restrict access to trash, only admin
  53. How to hide wordpress error message?
  54. What is this error message?
  55. Which wordpress should be obligatory writeable?
  56. “Backdoor-list.txt” files unexpectedly in server
  57. How to grant user access the page [closed]
  58. WordPress 4.4.2 Update not working
  59. Auto-Upgrade to 4.2.2 fails because theme functions.php is included instead of wp-includes/functions.php
  60. How to prevent people from seeing certain articles in menus?
  61. Configure Permissions in Mamp [closed]
  62. Edit draft from other author
  63. How to add only a (sub) capacity to an user role?
  64. Auto-Update Fails
  65. How to disable admin/editor access to specific user’s posts
  66. Can’t Change the default theme on WordPress by BitnamI running on AWS
  67. How to make file not open to public but javascript file under WordPress folder can load it
  68. Opening a file of the theme from outside
  69. Allow Editor access to a certain plugin
  70. Visitors “do not have permission to view this content” on home page only
  71. Permissions Script Not Working
  72. WordPress does not have the permission to update (IspConfig)
  73. Blank White page issue in WordPress
  74. Permissions working but not working
  75. Mamp Pro File Permissions
  76. CentOS 7 cPanel – Setting Correct Permissions
  77. MAMP File Permissions
  78. How to lock all published posts so only admin can unlock delete and update permission
  79. Why do some of my directories need to be writeable that shouldn’t be?
  80. How to put WordPress website behind the credential for visitors?
  81. Downloaded WP but Nginx home page still showing
  82. Pages displays as Restricted to Admin
  83. Public and Private keys incorrect for user
  84. Why can I upload files but need FTP login for plugins
  85. sufficient permissions to access this page
  86. wordpress using WP MVC: You do not have sufficient permissions to access this page
  87. Uploaded files have permission 000
  88. Moved WordPress Directory – Having access issues now
  89. Strange error “You do not have sufficient permissions to access this page”
  90. Is it possible to allow a user to only edit categories of posts and nothing else?
  91. Restrict access to specific content
  92. WordPress – Public side and Private side
  93. the_tags only showing when logged in?
  94. How to give access to programmer/developer to make changes, but prevent undesirable changes? [closed]
  95. WordPress files owner changed silently
  96. How do I share a Git repository with multiple users on a machine?
  97. Amazon Cloudfront with S3. Access Denied
  98. GRANT SELECT to all tables in postgresql
  99. Postgresql: what does GRANT ALL PRIVILEGES ON DATABASE do?
  100. WP Permission still set to Not Writable after I change the permission for the whole folder and files

Leave a Comment