Enabling chrooted sftp access for WordPress automatic upgrades

Create wordpress user specifically for the auto update and add the user to the www-data group:

  • sudo adduser wordpress
  • sudo adduser wordpress www-data

chgroup the wordpress dir to the www-data group:

  • sudo chgrp -R www-data /var/www/wordpress

Add the following to /etc/ssh/ssd_config to chroot the wordpress user to the wordpress directory:

Match User wordpress
ChrootDirectory /var/www/wordpress
AllowTCPForwarding no
X11Forwarding no
ForceCommand /usr/lib/openssh/sftp-server

Restart the sshd service:

sudo /etc/init.d/ssh restart

Setup the sftp userid and password in the wordpress settings and select sftp.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.