WordPress default folder / file permission issues result in 404 / 403 errors

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.1.20
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
If your request is related to an app, specify its name and version: wordpress v6.2~ynh1

Description of my issue

I use a WP theme (YOOtheme) which caches images automatically. It stores cached image files under /wp-content/themes/yootheme/cache/[FOLDER_WITH_2_RANDOM_CHARS]. However, with the image caching I receive 404 (not found) errors for all images on my wordpress site. I debugged this and found the cause.

  1. Subfolder permissions
    By default the newly created folders only receive drwxrwx---+ permissions which leads to the 404 (Not found) error as the folder is not executable for o. So, the first part of the solution was to give o the x permission. So that the folder then has drwxrwx--x+ permissions. Afterwards the error changes to 403 (Forbidden).

  2. File permissions
    By default the newly created cached images only receive -rw-rw----+ permissions which leads to a 403 (Forbidden) error as the files are not readable by o. So, the second part of the solution was to give o the r permission. So that the file then has -rw-rw-r--+ permissions. Afterwards the image files are loaded successfully.

However, this is just a temporary solution as newly cached images are created with the same default folder and file permissions. So, I need to find a solution to persist the adopted permissions. How can I do that?

I could solve the issue using setfacl. Also I needed to grant /cache folder x permission for o. These are the commands I ran in case anybody encounters the same issue.

setfacl -PRdm o::rx cache/
chmod o+x cache/

I don’t know if this is the optimal way to solve this but it works for me. Newly cached images are accessible now.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.