Updating Wordpress on our Windows Hosting

If you have secured WordPress correctly on our Windows hosting then the vast majority of your site should be read-only except for special folders like temp/cache folders or where you upload photos or media. However when it comes to updating WordPress using the built-in auto-update system these restricted permissions may cause updates to fail as WordPress will not have access to update the core or plugin files.

We do not recommend having your site fully write enabled, it is very insecure and can allow a hacker that has gained write access via a backdoor to then access any file within your site including your WordPress config files rather than being restricted to only a few less important areas.

Luckily there are two ways to update WordPress and any add-ons.

1. Configure WordPress to use FTP for updates instead (recommended)

This method allows WordPress to use FTP to update files and bypass the need to change file permissions.

Add the following lines to the WordPress wp-config.php file in your root folder (just below where the database settings are is a good place) and replace the domain name, username and password values with your own where needed, this assumes you have installed WordPress into your root folder and are using the default FTP account auto-configured when you opened the hosting.

/**  FTP settings **/
define('FS_METHOD', 'ftpsockets');
define('FTP_BASE', '/domain.name/wwwroot/');
define('FTP_USER', 'username');
define('FTP_PASS', 'password');
define('FTP_HOST', domain.name');
define('FTP_SSL', false);

2. Temporarily change file permissions to allow updated to all files

You can allow temporary write access without losing any specific write permissions you have set on any special folders.

  1. With your WordPress folder permissions already set securely, browse to the file manager in the hosting control panel.
  2. Click on the padlock icon next to the wwwroot folder, this is where you set specific permissions for individual files and folders on our Windows hosting.
  3. You should see at least two users you can assign permissions for. Find your domain user (the user with the same name as your domain name) and Check/Tick the Write option.
  4. Now the important bit, make sure that "Replace permissions on all child objects" is NOT checked/ticked. This setting will set write permissions on the wwwroot folder without overwriting sub-folders that have their own specific permissions already set. However, it will still propagate this setting to all any other sub-folders.
  5. Next, perform the WordPress update from within WordPress, it should now have full access to make any changes it needs.
  6. Lastly, return back to the file manager and untick the write option on the wwwroot folder, again making sure "Replace permissions on all child objects" is NOT ticked, your previous folder permissions should have remained intact.

You can do this each time you need to perform a WordPress update or install a new plug-in without affecting any other file or folder specific permissions but don't forget to return wwwroot permissions back to read-only to remain secure.

  • 10 Users Found This Useful
Was this answer helpful?

Related Articles

Error : Validation of viewstate MAC failed

If you get the error following error in your .NET app - Validation of viewstate MAC failed. If...

Is there a limit to the number of MSSQL databases you can create?

The only limitation for Microsoft SQL Server databases is the space, you can create unlimited...

Setting read and write permissions on files and folders (Windows)

On our Windows hosting file/folder read and write permissions are set by using the file manager...

Connection timeout or no file or directory listing when connecting via FTP

A common issue when trying to connect via FTP to a server is to receive a connection timeout or...

Accessing mySQL remotely

Remote access to any of our database servers is provided solely for periodic maintenance, backups...