Updating Wordpress on our Windows Hosting

If you have secured WordPress correctly on our Windows hosting then the vast majority of your site should be read-only except for special folders like temp/cache folders or where you upload photos or media. However when it comes to updating WordPress using the built-in auto-update system these restricted permissions may cause updates to fail as WordPress will not have access to update the core or plugin files.

We do not recommend having your site fully write enabled, it is very insecure and can allow a hacker that has gained write access via a backdoor to then access any file within your site including your WordPress config files rather than being restricted to only a few less important areas.

Luckily there are two ways to update WordPress and any add-ons.

1. Configure WordPress to use FTP for updates instead (recommended)

This method allows WordPress to use FTP to update files and bypass the need to change file permissions.

Add the following lines to the WordPress wp-config.php file in your root folder (just below where the database settings are is a good place) and replace the domain name, username and password values with your own where needed, this assumes you have installed WordPress into your root folder and are using the default FTP account auto-configured when you opened the hosting.

/**  FTP settings **/
define('FS_METHOD', 'ftpsockets');
define('FTP_BASE', '/domain.name/wwwroot/');
define('FTP_USER', 'username');
define('FTP_PASS', 'password');
define('FTP_HOST', domain.name');
define('FTP_SSL', false);

2. Temporarily change file permissions to allow updated to all files

You can allow temporary write access without losing any specific write permissions you have set on any special folders.

  1. With your WordPress folder permissions already set securely, browse to the file manager in the hosting control panel.
  2. Click on the padlock icon next to the wwwroot folder, this is where you set specific permissions for individual files and folders on our Windows hosting.
  3. You should see at least two users you can assign permissions for. Find your domain user (the user with the same name as your domain name) and Check/Tick the Write option.
  4. Now the important bit, make sure that "Replace permissions on all child objects" is NOT checked/ticked. This setting will set write permissions on the wwwroot folder without overwriting sub-folders that have their own specific permissions already set. However, it will still propagate this setting to all any other sub-folders.
  5. Next, perform the WordPress update from within WordPress, it should now have full access to make any changes it needs.
  6. Lastly, return back to the file manager and untick the write option on the wwwroot folder, again making sure "Replace permissions on all child objects" is NOT ticked, your previous folder permissions should have remained intact.

You can do this each time you need to perform a WordPress update or install a new plug-in without affecting any other file or folder specific permissions but don't forget to return wwwroot permissions back to read-only to remain secure.

  • 10 Users Found This Useful
Was this answer helpful?

Related Articles

How to send email using ASP and CDOSYS

The following ASP script can be used to send email using CDOSYS on our servers. Dim iConfig Dim...

Information needed to generate a Certificate Signing Request (CSR)

  To complete an SSL order you will first need to generate a Certificate Signing Request (CSR)...

Configuring SolidCP to use your own Name Servers

If you have a reseller account you may want to use your own name servers with your customer's...

How do I upload my website to your servers?

There are a number of ways to publish your website depending on if you are publishing to our...

Can I view my site before the DNS has propagated?

Windows Hosting All websites are issued with an Instant alias based on the domain you supply...