levavie's picture

I need to use my new small server (WP appliance) to host multiple websites, developed by multiple programmers. So I need multiple users, each user connecting to his own website only.

To test the right configuration, I've added a new user (e.g. 'wp_user') and added it to groups www-data and ssh. I've changed the user's home dirctory to /var/www/wordpress.


SSH connection from WinSCP was successfull, but the user can't delete files, since they are owned by the webserver. Doing chmod g+w on all files didn't help  - still, the user can't  delete his files.


Files should be owned by the webserver, I've researched the forums and this seems to be the right setup. How can I make sure the user can modify files through WinSCP?

And how do I prevent the user from modifying other domains?



levavie's picture

What worked was to setup directories to be group-writable.

All directories to 775:

find /path/to/your/wordpress/install/ -type d -exec chmod 775 {} \;

All files to 664

find /path/to/your/wordpress/install/ -type f -exec chmod 664 {} \;


But how to prevent users to access files outside their home directory


Add new comment