Per the recommended Hardening WordPress and other resources this is what you should look for in your folder permissions:
- Root Directory / 0755
- .htaccess /.htaccess 0644
- wp-admin/index.php /wp-admin/index.php 0644
Based on what you’ve described about having to enter your FTP credentials to update/upload plugins I believe you have a ownership/group issue with your files. When you FTP’d the files up they were assigned to your FTP user/group. However, WordPress uses the same user/group that PHP runs in to access the file sytsem for writing (typically the www-data user).
Depending on your FTP program you might be able to just change the root folder and recursively apply to all children files and folders similar to sudo chown -R www-data:www-data wp-root
. This will change the owner and group so that WordPress can manage the filesystem.
Your server configuration you may also put your wp-content permissions to 775. This permission will allow your group to write in this folder and the worker users in WordPress, www-data user (executes the code) and FTP user (downloads code). You can put your wp-content on 755 but you have to put your www-data as owner of this folder and make your updates manually via FTP.
EDIT: If you still struggle with the user/permissions etc and wish to bypass the FTP nag screens you can set the FTP user info into your wp-config.php
. This will help WordPress gain access to the filesystem in the same method as you currently do via FTP.
define("FTP_HOST", "localhost"); // put the external path if localhost doesn't work
define("FTP_USER", "ftpUsername");
define("FTP_PASS", "ftpPassword");