Install WordPress plugins, themes & upgrades without providing FTP access?

Install WordPress plugins, themes & upgrades without providing FTP access?

You must have experienced that WordPress asks for FTP credentials if you initiate upgrade or install plugins. And sometimes developers don’t have FTP access and all they have is WordPress admin panel access. Let’s see why WordPress asks for FTP info and how to bypass it and enable WordPress to install updates and plugins without FTP info.

WordPress will ask you for FTP credentials while installing updates or plugins only if it finds /wp-content directory write protected, that means WordPress don’t have write permissions to the directory. Otherwise if it has write permission to necessary file and folder it will install without prompting for the FTP information. This is because WordPress stores the temporary files in wp-content directory and if file ownership matches with the user under which web server runs then it will directly install plugins, themes or updates by using ‘direct’ installation method.

Typically, WordPress files are owned by the ftp user which uploaded the original files. If there is no match between the owner of your WordPress files and the user under which your web server executes, you will receive a dialog box asking for “connection information”, and you will find that no matter what you enter in that dialog box, you won’t be able to update using the “Update Now” button.

On shared hosting WordPress files are not owned by webserver, files should be group writable (for example, 775 and 664 rather than the default 755 and 644). These file permissions should be adjusted as per the underlying webserver.

Solution is to override return value of get_filesystem_method function.  This function determines which method to use for reading, writing, modifying, or deleting files on the filesystem. The priority of the transports are: Direct, SSH2, FTP PHP Extension, FTP Sockets (Via Sockets class, or `fsockopen()`). Valid values for these are: ‘direct’, ‘ssh2’, ‘ftpext’ or ‘ftpsockets’. The return value can be overridden by defining the `FS_METHOD` constant in `wp-config.php`, or filtering via ‘filesystem_method

define('FS_METHOD', 'direct');

or

apply_filters ( 'filesystem_method', string $method, array $args, string $context, bool $allow_relaxed_file_ownership )

Note that the FS_METHOD override works fine when you have set correct permission as well otherwise you will still experience issues.

Ubuntu Permissions:

cd your_wordpress_rootsudo chown-R www-data wp-contentsudo chmod-R755 wp-content

Warning:

Never set 777 permissions to wp-content or any other WordPres folder to fix permission issue. All directories should be 755 or 750. All files should be 644 or 640. Exception: wp-config.php should be 440 or 400 to prevent other users on the server from reading it.

Author: Tahir Yasin

Tahir is a Passionate Web Developer from Lahore, Pakistan and a guy with NEVER-STOP-LEARNING attitude who keeps an eye on emerging technologies and customer trends.

Leave a Reply

Your email address will not be published. Required fields are marked *