20

I'm hosting a wordpress site on ec2 and I'm trying to update my theme through the admin screen. Its asking me for Hostname and ftp username and password. Is ec2-xxx.compute-1.amazonaws.com:22 my hostname? I tried along with ec2user and root for my ftp username but no luck. What am I doing wrong?

Spencer Carnage
  • 2,056
  • 2
  • 28
  • 41
  • _Its asking me for Hostname and ftp username and password._ "It" what? What admin screen? What program or service is asking this? Are you confident you can trust it? Username and password over FTP is pretty archaic, SFTP has been usual for a decade now... – sarnold Dec 31 '11 at 03:43
  • The wordpress admin screen is asking for this info. Its part of the dashboard. I'm using their sftp option. – Spencer Carnage Dec 31 '11 at 03:45
  • 1
    @sarnold WordPress's admin will attempt to update your themes/plugins via FTP/SFTP. – ceejayoz Dec 31 '11 at 03:45
  • @ceejayoz, that sounds _sketchy_. Sheeesh. – sarnold Dec 31 '11 at 03:47
  • @sarnold WP is often installed by non-technical users. Hundreds of thousands of unpatched WP installs out on the public Internet serving malware and whatnot is sketch **ier**. :-) – ceejayoz Dec 31 '11 at 04:18
  • @ceejayoz: funny enough, [a fellow stacker was facing exactly that: cracked WP](http://stackoverflow.com/questions/8685834/my-site-is-loading-some-other-site-causing-it-to-redirect-to-it) just two hours ago... – sarnold Dec 31 '11 at 04:20
  • Yeah, it's very common. I've seen WP installations several years out of date. – ceejayoz Dec 31 '11 at 04:25
  • Not sketchy: http://codex.wordpress.org/Updating_WordPress – Amanda Jun 13 '12 at 21:26

7 Answers7

47

Skip the FTP info altogether and just change the permission of the directory structure where Wordpress is installed.

VIA SSH

sudo chown -R apache:apache path/to/wordpress
  • sudo makes sure you execute as the root user
  • chown will change the owner of the directory
  • -R will make it recursive, so it changes all files and directories within
  • apache:apache is user:group

And then the path to wordpress. Could be /var/www/html/sitename.com or if you navigate to the folder where Wordpress is installed, you can use a period (.) to tell it to change the current directory.

This will make is so that you can't copy files via sftp though, so it is good to change at least the themes directory back to the ec2-user:ec2-user user and group.

So this changes back to your ssh/sftp user:

sudo chown -R ec2-user:ec2-user path/to/wordpress

You can assign the folders to the ftp user and the apache group and then make them group writable as well. This will allow you to ftp into the directory, and allow everything to be auto updated within Wordpress.

// Set the wp-contents into the apache group and then make files group writable
sudo chgrp -R apache wp-content
sudo chmod -R g+w wp-content
// This makes new files created in wp-content and all of its sub-directories group-writable.
sudo chmod g+s wp-content

Then add this to wp-config.php to force Wordpress to update when only applying this wp-content:

define('FS_METHOD', 'direct');

You can also apply to the whole Wordpress install to auto update Wordpress and not just plugins/themes. If you do this, I would recommend putting your wp-config.php file one directory above your Wordpress install though, so you can lock it down separately.

EDIT: Whenever I am having permission troubles on EC2, I go to site root directory, and paste these lines in. I apply it to the whole Wordpress install these days:

sudo find . -type d -exec chmod 0755 {} \;
sudo find . -type f -exec chmod 0644 {} \;
sudo chown -R ec2-user:apache .
sudo chmod -R g+w .
sudo chmod g+s .

I use something similar on my Mac as well.

Jake
  • 2,058
  • 2
  • 24
  • 33
  • You can also experiment with ec2-user:apache and changing the permissions to group writable. Edited above to add this. – Jake May 29 '12 at 14:01
18

In your wp-config.php under directives add this line:

define('FS_METHOD', 'direct');
Rob Hruska
  • 118,520
  • 32
  • 167
  • 192
Rohan Zakie
  • 319
  • 5
  • 14
15

You can simply solve this problem by doing this via ssh:

sudo chown -R apache path/to/wordpress

then

sudo chmod -R 755 path/to/wordpress

Tim Chen
  • 1,364
  • 12
  • 14
4

Your hostname would be ec2-107-20-192-98.compute-1.amazonaws.com.

Your username will be the username you use to SFTP to the instance normally - ec2user for some instance types, ubuntu for Ubuntu AMIs, etc. EC2 generally doesn't use passwords, preferring SSH keys, so you'll have to set a password for your account by doing passwd on the commandline.

ceejayoz
  • 176,543
  • 40
  • 303
  • 368
  • 1
    What about the username? Would that be root or ec2user? – Spencer Carnage Dec 31 '11 at 03:48
  • That depends on the AMI. It's whatever you normally use to SSH/SFTP. – ceejayoz Dec 31 '11 at 04:16
  • I dont think this is correct answer as wordpress doesn't connect with ssh, but with ftps (over ssl or tls) – Surinder Feb 09 '21 at 14:05
  • @Surinder About a decade ago, OP accepted my answer, so I'm fairly comfortable they found it helpful. I'm reasonably certain at the time WordPress had SFTP support; it's still available via a plugin today. – ceejayoz Feb 09 '21 at 15:49
2

Try adding FTP credentials to wp-config.php: http://codex.wordpress.org/Editing_wp-config.php and http://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants

That should make WP admin stop asking for FTP details. But depending on how you've set up permissions via the command line, may have to go to the command line to edit files like wp-config.php . And you may not have sufficient permissions to upload and for WP to unzip a theme.

As per other answers, I use SFTP with a server of ec2-xx-xxx-xx-xx.compute-1.amazonaws.com username of ec2-user

markratledge
  • 17,322
  • 12
  • 60
  • 106
0

You could simply use 127.0.0.1 as hostname and check FTP in Wordpress ftp settings. To resume what has been said:

  • user is the same you actually use to SSH/SFTP

  • password needs to be set/updated logging in via SSH and typing sudo passwd your-user-name

Giulia Nicole Pernice
  • 753
  • 1
  • 7
  • 11
0

ec2-107-20-192-98.compute-1.amazonaws.com:22 represents both the hostname and the ssh port. (SSH is normally on port 22, though it can run on any port.)

Try just ec2-107-20-192-98.compute-1.amazonaws.com in the hostname field.

I'm still skeptical of a webpage asking for a username and password. Seems a bit silly to me, since you should just use SFTP to directly upload whatever content you want using your SSH identity key instead of a password.

sarnold
  • 102,305
  • 22
  • 181
  • 238
  • I'm just trying to use the built-in wordpress features that allow for you do this without going down to the command line. I'm not at my normal computer with all of my ssh set up on it. Its possible I have to set up the password like ceejayoz says if I want to go down this route that I'm currently on. – Spencer Carnage Dec 31 '11 at 03:50
  • @sarnold for better or for worse, it's how Wordpress updates work (see: http://codex.wordpress.org/Updating_WordPress) if the Apache/Http user doesn't have permission to change files. You can *also* update from the command line, but if you want to use the WP gui, you need an ftp or ssl user/pass. – Amanda Jun 13 '12 at 21:25
  • @Amanda: I'd definitely call that _for worse_. :) [My skepticism feels justified](http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wordpress). (Granted, a lot of those are due to plugins, but _wow_.) – sarnold Jun 13 '12 at 21:50