Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By satvision83 on
I've migrated couple of Drupal websites from shared hosting to a VPS that runs on CentOS.
Now I have annoying permission problems. I've read lot about this, but I didn't find a perfect solution.
First of all I'm using FTP user "admin" and everything that I've migrated is made with this user.
1. I've had these issues:
"The CTools CSS cache directory, ctools/css could not be created due to a misconfigured files directory. Please ensure that the files directory is correctly configured and that the webserver has permission to create directories."
"The directory sites/default/files is not writable. You may need to set the correct directory at the file system settings page or change the current directory's permissions so that it is writable."
I've changed the owner permission with this command:
chown -R apache:apache /home/admin/public_html/mysite.com/sites/default
and after that the error was gone.
2. I've had another issue when I try to install a module:
"Error installing / updating
File Transfer failed, reason: Cannot create directory..."
I've changed the owner permission with this command now:
chown -R apache:apache /home/admin/public_html/mysite.com/sites/
Now I can install a module with no errors.
3. I'm having a new issue now:
If I uninstall a module and after that I cannot remove it with the FTP user "admin". So, I have to change again the owner permission for /sites with terminal to admin, so I can delete that module with FTP. Very annoying.
Is there any better solution for Red Hat/ CentOS?
I've hadn't any problem on my shared hosting.
Comments
Whoa there
Your sites and sites/default directories should NOT be owned by apache. That's a security problem. Only the files directory should be writable by apache ( it doesn't need to be owned, but that will work).
If you are using the Drupal web interface to upload modules, you should be prompted for an FTP (or ssh) login and password as part of that process. The purpose of that is to allow Drupal to copy the files using your FTP or SSH identity rather than the webserver's identity. Again, this is a security issue -- anything the webserver can write is subject to being hacked by any rogue exploit of Drupal, PHP or Apache itself, so you want all your executable files owned by a different account than apache.
Yelvington, thank you very
Yelvington, thank you very much for your explanation and advice.