The Final Guide to Wordpress on your Ubuntu LAMP Server

I've gone over all the setup and nit-picky details of setting up my own web server. However, the one thing I could never get quite right was my Wordpress install.  If you peruse the Wordpress (and Ubuntu) user forums, you will see countless examples of people trying to get their permissions set right for one reason or another.  Wordpress recommends, rather irresponsibly, CHMODing everying 777.  To compliment that, you should really find a theme with a large header saying "HACK ME."  The problems range from being unable to upload pictures to having serious trouble with plugins, some of which won't work at all without (again) CHMODing several parts of your Wordpress Install to 777.

I've lived for several months with my blog like this...balancing usability with security, and totally unable to use the "Upgrade Automatically" feature in the plugins page.  If you've setup your own Wordpress Server and worked with plugins much, you know how the process typically goes.  You Upload your plugin to the plugins folder.  Then via terminal, chown -R your new folder to www-data, perhaps chmod 777, depending on the plugin, and then go into your Wordpress Admin page and activate.  Time for an update?  Same process.  Such a pain, with nary a solution in sight... at least that I could find on the forums.

The problem lies with this:  your files are uploaded (via ftp, or whatever) under your Ubuntu user name.  Apache owns web processes under the user name and group www-data.  So when Wordpress tries to work on a folder owned by your username, it gets denied, because it is trying to work with it as www-data.  To fix this, I attempted to add my username to the www-data group, but that was unsuccessful.  And then I discovered the envvars file under /etc/apache2.  In this beautiful file, is the designated Apache username, www-data.  It looks something like this:

envvars - default environment variables for apache2ctl

# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2.pid

Just change the information to match your user name and group for Ubuntu, restart Apache, et voila!  Permissions and Ownership issues are resolved.  Now Apache is working with files under the same ownership and permissions set they were uploaded with.

One important caveat here:  I'm unsure about the security issues with this.  I'm going on the assumption that it is significantly more secure than CHMODing everything 777, and it certainly makes your Ubuntu/Wordpress Web Server much easier to use for upgrade purposes.  Plugins install and upgrade with no hassle now!

Hope this helps all of you with these issues.