Enabling WordPress to Update and Install Within the Dashboard

A great feature for WordPress developers is the ability to update and maintain WordPress installations, plugins and images without having to use an FTP client. Most people will be able to do straight out of the box, but for others they will be confronted with a ‘Connection Information’ screen that really makes the whole process a lot more cumbersome than it should be. We found most of the time entering your FTP details didn’t even work.

Why does this happen?

Every time WordPress tries to make any changes to the file system on the server it runs a quick test to make sure it will be able to complete the task it is about to perform. Sometimes it can be a problem with the file permissions. Some people will change their file permissions to ‘777’ as an easy fix which is very dangerous as it is only a matter of time until someone hijacks your server for all sorts of digital crime and mischief. More information on making sure your file permission are correct can be found here – Changing File Permissions

However, you can have this set correctly and still be prompted by WordPress for your details. So if you still haven’t had any success, you may need to look at your Apache and PHP setup.

The missing piece

It is ‘recommended’ but not required by WordPress.org that your server has suPHP (or phpsuexec) enabled. It’s a more secure way of running the scripts that WordPress uses plus it will enable you to do the following without evening thinking about FTP:

  • Updating the WordPress Installation (Automatically)
  • Updating and Installing Plugins
  • Uploading Media (Works a little smoother)

All of this whilst leaving your files’ permissions set to 644 and your directories set to 755. If you are only taking care of one WordPress Site this might not seem like a big deal to you, but here at Tropixel we’ll work on up to 10 different WordPress sites in one week alone. So keeping our client base up to date and secure is a very time consuming task using FTP to keep all out clients in check.

Enabling suPHP

If you are using shared hosting then you will have to contact your hosting company to see if it is possible to get this enabled or at least moved to a server with this enabled. If you are not sure what ‘shared hosting’ is then you are most likely using shared hosting, so please refer to the previous sentence.

If you’re running your own server with cPanel then you’ll need to log in to you Web Host Manager and modify your Apache Settings in ‘Software > EasyApache’

Start by using ‘Previously Saved Config (** DEFAULT **)’. Continue each step by keeping the values that are already set. Once you get to the ‘Short Options List’, select the ‘Mod SuPHP’ check box.

Continue through the rest of the steps, save and build your new Apache profile. This will take between 30 minutes to an Hour. Once it is complete go to ‘Service Configuration > Configure PHP and SuExec’. Finally, make sure the PHP 5 Handler is set to ‘suphp’

Now test your WordPress installations to see if you can now update your plugins/WordPress installation. You may need to update your file permissions (we didn’t have to) if you site is showing a 403 error, you can find some information on wordpress.org.

If you aren’t using cPanel to manage your server then you’ll have to google it, but at least you now know what you are looking for. If you find another solution somewhere else, please share it with everyone in the comments section.