Safe to set permissions to 757 temporarily to update via wp-cli?

I think setting a cron job to automatically turn permissions on and off might be a bit of an extreme workround 🙂 I think it is probably worth spending the time to set up working permissions on your server, rather than a cron job which could introduce other problems.

This has been a good resource for me – https://codex.wordpress.org/Hardening_WordPress.

This has also been a great resource for me –
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lemp-on-ubuntu-16-04

These are the steps I have used to allow automatic / wp-cli updates of WordPress and plugins on an Ubuntu droplet with NGINX as the web server.

  1. Set the recommended file and folder permissions:

    750 for Directories
640 for Files
except for wp-config.php, this should be 440.

    To do this for directories:

    find /srv/www/your-site/ -type d -exec chmod 750 {} \;

    and files:

    find /srv/www/your-site/ -type f -exec chmod 640 {} \;

    and wp-config.php:

    sudo chmod 440 your-site/wp-config.php

  2. Set the owner and group to web:www-data where web is a non-root user with sudo user permissions.

    sudo chown -R web:www-data /srv/www/your-site

    This command will give you more information of what user / group NGINX is running under:

    ps -eo pid,comm,euser,supgrp | grep nginx

    https://superuser.com/questions/398833/how-to-determine-the-user-and-group-of-a-deamon-in-ubuntu

    The group is www-data in my case.

  3. Set setgid bit so that all new files inherit the group of the parent directory.

    sudo find /srv/www/your-site -type d -exec chmod g+s {} \;

  4. Give the group write access to the wp-content directory.

     sudo chmod g+w /srv/www/your-site/wp-content

  5. Give the group write access to the plugins, themes and uploads directories.

    sudo chmod -R g+w /srv/www/your-site/wp-content/themes
sudo chmod -R g+w /srv/www/your-site/wp-content/plugins
sudo chmod -R g+w /srv/www/your-site/wp-content/uploads

  6. Make sure you are running the core update command as the owner in step 2 if necessary switching to that user first.

    su web
wp core update

Related Posts:

  1. MySQL error 1449: The user specified as a definer does not exist
  2. Running WP Cron on multisite the right way
  3. Destination directory for file streaming does not exist or is not writable
  4. How to to secure WordPress file and folder permissions
  5. WP in Docker – cannot install plugin or upgrade WP
  6. when FS_METHOD = ‘direct’ is chosen?
  7. Create custom permissions for user type
  8. WordPress REST API – Permission Callbacks
  9. Can’t upload images due to permissions error
  10. add_menu_page permissions – what am I doing wrong?
  11. Recommended File Permissions
  12. Network Admin “You do not have sufficient permissions to access this page.”
  13. What’s the difference between the permissions “edit_published_posts” and “edit_posts”
  14. Wrong permissions when uploading a file through WordPress | IIS
  15. ftp_nlist() and ftp_pwd() warnings
  16. WordPress in IIS 7.5 – “cannot create directory”
  17. What permissions should i have set up for the Database User after i have WordPress set up?
  18. Why is group ownership with rwx permissions not enough?
  19. How can I limit WordPress editor roles to a specific category?
  20. can i run wp as root permissions
  21. Prevent or Disable creating new users or changing roles of existing users to Administrator
  22. Does WordPress have fine-grained view permissions?
  23. WordPress debug.log is not updating
  24. Troubleshoot “You do not have sufficient permissions to access this page.”
  25. plugin install wants ftp (chown and 755 not enough)
  26. can’t change footer
  27. permissions access error
  28. Permissions Issue with WordPress
  29. What user/group does WordPress belong to in terms of file permissions?
  30. Enable plugin installs without FTP with user from same group as Nginx/PHP-fpm
  31. How to configure apache to create files with correct group owner [closed]
  32. Moved my WordPress site and now it can’t read the theme
  33. WordPress folder ownership issues
  34. Applying roles to an admin sub-menu (eg Appearance -> Menus)
  35. WordPress unable to create folders even though correct NTFS-rights are set
  36. WordPress php mysql errors – errcode: 13 permission denied
  37. Invalid changeset UUID WordPress
  38. Group ownership permissions don’t allow web server to update WordPress content
  39. Should Apache own /var/www/domain.com directory in WordPress?
  40. WordPress Permissions on my Local with Docker
  41. Permissions in a Local Dev Environment (OS X)
  42. Running WordPress as FTP user?
  43. How to to secure WordPress file and folder permissions
  44. Upgrading problem
  45. wp-content Folder Permissions (777 OK?)
  46. Permission of 775 not enough
  47. failed to open stream: Permission denied for WordPress plugin
  48. How to prevent plugins from being uninstalled
  49. Implement Javascript Code in the footer if user is logged in
  50. Reseting file permissions
  51. What is the “user account” for WordPress’ file permissions?
  52. Auto-update failing with “hardened” permissions
  53. Restrict access to trash, only admin
  54. How to hide wordpress error message?
  55. What is this error message?
  56. Which wordpress should be obligatory writeable?
  57. “Backdoor-list.txt” files unexpectedly in server
  58. How to grant user access the page [closed]
  59. WordPress 4.4.2 Update not working
  60. Auto-Upgrade to 4.2.2 fails because theme functions.php is included instead of wp-includes/functions.php
  61. How to prevent people from seeing certain articles in menus?
  62. Configure Permissions in Mamp [closed]
  63. Edit draft from other author
  64. Auto-Update Fails
  65. Can’t Change the default theme on WordPress by BitnamI running on AWS
  66. How to make file not open to public but javascript file under WordPress folder can load it
  67. Opening a file of the theme from outside
  68. Allow Editor access to a certain plugin
  69. Visitors “do not have permission to view this content” on home page only
  70. Permissions Script Not Working
  71. WordPress does not have the permission to update (IspConfig)
  72. Blank White page issue in WordPress
  73. Permissions working but not working
  74. Mamp Pro File Permissions
  75. MAMP File Permissions
  76. Create a custom “you dont have permission” message
  77. How to lock all published posts so only admin can unlock delete and update permission
  78. Why do some of my directories need to be writeable that shouldn’t be?
  79. How to put WordPress website behind the credential for visitors?
  80. Downloaded WP but Nginx home page still showing
  81. Pages displays as Restricted to Admin
  82. Public and Private keys incorrect for user
  83. Why can I upload files but need FTP login for plugins
  84. sufficient permissions to access this page
  85. wordpress using WP MVC: You do not have sufficient permissions to access this page
  86. Moved WordPress Directory – Having access issues now
  87. Strange error “You do not have sufficient permissions to access this page”
  88. Is it possible to allow a user to only edit categories of posts and nothing else?
  89. Restrict access to specific content
  90. WordPress – Public side and Private side
  91. the_tags only showing when logged in?
  92. Configuring WordPress permissions for easy updates
  93. Plugins Page – “Page disabled by the administrator”
  94. How to give access to programmer/developer to make changes, but prevent undesirable changes? [closed]
  95. Does DISABLE_WP_CRON prevent plugins from registering new cron tasks?
  96. WordPress files owner changed silently
  97. How do I share a Git repository with multiple users on a machine?
  98. Amazon Cloudfront with S3. Access Denied
  99. Postgresql: what does GRANT ALL PRIVILEGES ON DATABASE do?
  100. WP Permission still set to Not Writable after I change the permission for the whole folder and files