Allowing wordpress to update itself with CentOS and securing it from spammers

Below is a list of commands to help secure your CentOS wordpress server.

SSH into your machine

If wordpress won’t allow you to update wordpress automatically and requests an FTP password, this command is especially important.

If apache isn’t the user create who.php

If the file doesn’t exist, create it.

File permissions for WordPress

Relative Path Suggested
/ 0755
/wp-admin 0755
/wp-includes 0755
/wp-config.php 0444
/wp-content 0755
/wp-content/themes 0755
/wp-content/plugins 0755
.htaccess 0444

You can set these using an FTP application such as Filezilla or using CHMOD if you have full control over your server.

Leave a Reply

Your email address will not be published. Required fields are marked *