Securing a multi-user permission structure

I’m currently working on a team that needs two distinct users from the same wpadmin group to be able to modify the wordpress files.

Following the guide at Hardening WordPress (Codex), the following commands would give 755 and 644 access to directories and files respectively:

find /path/to/my/wordpress/install/ -type d -exec chmod 755 {} \;
find /path/to/my/wordpress/install/ -type f -exec chmod 644 {} \;

But the lack of the g+w permission would make this unusable on a multi-user environment.

What best practices should I follow in this case? Is it secure to just do

find /path/to/my/wordpress/install/ -type d -exec chmod 775 {} \;
find /path/to/my/wordpress/install/ -type f -exec chmod 664 {} \;

To add group access?

0

Leave a Comment