Results 1 to 13 of 13
  1. #1
    Join Date
    Nov 2003
    Posts
    324

    Make Server Compatible with Wordpress automatic updates and plugin installations

    Greetings,

    I'm basically pulling my hair out because I'm not exactly sure how to solve this problem.

    I've transferred over 30 wordpress websites to my server and each one have the same issue. Before the move they were all able to install plugins and update from the Wordpress dashboard without needing FTP credentials.

    Now every website is asking for FTP credentials, and even though it goes through the plugin update procedure... the plugins never actually get updated. As well as several other issues.

    I'm trying to figure out where to start looking on my server to make it compatible without wordpress while not needing to use FTP to utilize the dashboard automatic installation method.

    ----
    My Server config is:
    - Latest RELEASE version of CPanel
    - PHP Version 5.2.11 w/ PHPsuexec
    - CentOS
    - eAccelerator+Zend+suhosin+suphp

    The following PHP functions are disabled:
    - dl
    - passthru
    -proc_open
    -proc_close,
    -system,
    -virtual,
    -show_source,
    -pclose,
    -posix_kill,
    -proc_get_status,
    -proc_nice,
    -proc_terminate,
    -escapeshellarg,
    -highlight_file,
    -leak,
    -diskfreespace,
    -show_source,
    -ini_alter,
    -ini_restore,
    -getrusage,
    -get_current_user,
    -set_time_limit,
    -getmyuid,
    -getmypid

    Thank you in advance for any replies.

  2. #2
    Join Date
    Feb 2006
    Location
    Kusadasi, Turkey
    Posts
    3,273
    Enable suPHP, enable open_basedir, and viola Oh, you already have

    Disable fastcgi, if enabled.
    Fraud Record - Stop Fraud Clients, Report Abusive Customers.
    █ Combine your efforts to fight misbehaving clients.

    HarzemDesign - Highest quality, well designed and carefully coded hosting designs. Not cheap though.
    █ Large and awesome portfolio, just visit and see!

  3. #3
    Join Date
    Nov 2003
    Posts
    324
    Thanks for the reply.

    I have "Enable php open_basedir Protection." already checked in WHM. Also I do not have fastcgi enabled on my server.

    For suPHP
    "+++++++++++++++
    root [~]# /usr/local/cpanel/bin/rebuild_phpconf --current
    Available handlers: suphp dso cgi none
    DEFAULT PHP: 5
    PHP4 SAPI: none
    PHP5 SAPI: suphp
    SUEXEC: enabled
    +++++++++++++++"

  4. #4
    Join Date
    Mar 2009
    Location
    deep blue yonder
    Posts
    176
    In order for this to work, the user that 'owns' the web server process (apache/www-data/httpd are some common ones) needs write permissions to the wordpress directories and their files. It's this process that does the download, unpack and overwrite of the files.

    If you transferred the files over (ftp upload?), it's probable that all the files are owned by your user and group, so I'd recommend a review of the ownerships and group permissions on the files.

    You may think that making the files world writeable could be a quick and dirty fix to the problem, but the security ramifications are dire, so that would be most strongly discouraged.
    424 bits were harmed in the making of this signature.

  5. #5
    Join Date
    Nov 2003
    Posts
    324
    So there is no secure way of doing this? My server is set so the highest the permissions can go are 755 but every process runs as the user.

  6. #6
    Join Date
    Apr 2002
    Posts
    930
    Have you tried recompiling PHP without suhosin?

    That would be my leading candidate as the culprit, but I can't be certain.

    Although it is also possible that one of your disabled_functions could be the cause. Might be simplier to remove all of the disabled_functions from that list and try this update. This would just be for a test and would help identify if one of the disabled_functions is your culprit. If you remove all of the disabled_functions and this works, then you know that your issue is one of or a combination of the disabled_functions you have listed.

    Also it was my understanding that EAccelerator (or any PHP caching system) and suPHP were incompatible with each other.

  7. #7
    Join Date
    Mar 2009
    Location
    deep blue yonder
    Posts
    176
    Quote Originally Posted by damainman View Post
    My server is set so the highest the permissions can go are 755 but every process runs as the user.
    Perhaps I have misunderstood what you have written, but if the web server process runs as the user, as long as the wordpress files are owned by the same user, then a permission setting of 755 should be ok. (7=owner rwx)
    Last edited by TDS-chriss; 11-18-2009 at 03:10 PM. Reason: [ user -ne owner ]
    424 bits were harmed in the making of this signature.

  8. #8
    Join Date
    Nov 2003
    Posts
    324
    Thank you for your replies. To be honest I had no idea that EAccelerator was not compatible with suPHP. I had Eaccelerator installed first, then installed suphp to see if it would solve my issue. Your reply caused me to do more research, and I'm very thankful for your post. I'm going to remove eaccelerator from my server today.

    As for the Wordpress issue, i'm still stumped and not sure how to solve this.

    At this point I'm honestly confused and maybe it might be because I haven't had much rest within the last 3-4 weeks.

    I'm I correct in thinking that you are able to install/upgrade plugins from the Wordpress admin without entering your FTP credentials? Or does it always need the FTP credentials to do this from the Wordpress admin?

  9. #9
    Join Date
    Apr 2002
    Posts
    930
    I've done the Wordpress Update from the Wordpress Dashboard before and never had to enter in the username and password. My servers run PHP with suPHP. They don't use suhosin and they don't have quite the extensive disabled_functions list that you have. This is why I think the issue may be related to one of these two.

    You may also want to insure that PHP really is running through suPHP. Create a phpinfo page in the wordpress directory and visit it. Make sure the Server API says CGI.

  10. #10
    Join Date
    Nov 2003
    Posts
    324
    Yes the server API says CGI. Now let me ask, I had phpsuexec installed first and later had suphp installed. As far as i'm aware they are both installed. Would this cause any issues?

  11. #11
    Join Date
    Apr 2002
    Posts
    930
    suPHP has superseded phpsuexec. phpsuexec was a cPanel specific wrapper developed and maintained by the cPanel developers to use on their servers. suPHP is a separately developed wrapper. Since cPanel 11, cPanel has gone to use suPHP. phpsuexec is no more. You can't have phpsuexec and suphp installed.

    If the Server API is CGI, then you are more than likely using suPHP. I just wanted to make sure that you were actually running PHP as CGI, because if you were running it as an Apache module then that could explain your problems.

  12. #12
    Join Date
    Nov 2003
    Posts
    324
    Would having the libssh2 php extension installed resolve this issue? Been browsing the Wordpress files and in the "class-wp-filesystem-ssh2.php" file it mentions this.

    I'm still reading multiple posts but not directly related to my issue, but very similar. Am I correct assuming that for Wordpress to use the autoinstaller without needing FTP credentials, it uses the SSH2 function?

    I guess maybe if I understand what type of method wordpress uses when it is able to autoinstrall without needing FTP credentials, I might have a better idea on where to look to fix the issue on my server.

  13. #13
    Join Date
    Nov 2003
    Posts
    324
    I finally solved the issue but I did multiple things at once so not sure which one specifically solved the situation but I'm guessing it was enabling getmyuid and getmypid in my php functions.

    Basically i re-enabled these functions and removed eaccerlator.

    1. pclose
    2. set_time_limit
    3. getmyuid
    4. getmypid

    Now it never asks me for FTP information when trying to update from Admin, and so far everything upgrades perfectly with no errors and no issues.

    But thank you to everyone who participated in my quest for the answer lol . Much appreciated.

    Finally i can rest!! for a bit.

Similar Threads

  1. Wordpress 2.8 Plugin
    By imran7706 in forum Programming Discussion
    Replies: 0
    Last Post: 07-17-2009, 11:43 AM
  2. Wordpress Plugin
    By Nnyan in forum Software & Scripts Requests
    Replies: 1
    Last Post: 06-25-2009, 12:05 PM
  3. A wordpress Plugin
    By thejamesf in forum Web Design and Content
    Replies: 5
    Last Post: 02-16-2009, 10:45 PM
  4. Wordpress plugin needed for automatic posting
    By zobe in forum Web Design and Content
    Replies: 1
    Last Post: 05-01-2008, 08:14 AM
  5. How can I make a jpg file not to affect from cpanel automatic updates?
    By 19leo19 in forum Hosting Security and Technology
    Replies: 2
    Last Post: 01-13-2006, 01:31 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •