- Plesk 12.5 for Linux
- Plesk 11.0 for Linux
- Plesk 11.5 for Linux
- Plesk 12.0 for Linux
Wordpress installations from Plesk Application Vault come with insecure default permissions - 646 for files and 757 for directories.
Domain is set to handle PHP as Apache module in Home > Subscriptions > example.com > Hosting Settings . For PHP handled as FastCGI application the permissions are 644 for files and 755 for directories.
When PHP support uses Apache module as handler type all
script are being executed under Apache user, so permissions 646 for files and 757 for directories are required and set by design.With other permissions Wordpress will work incorrectly.
If it is needed to increase security for WordPress, set PHP support as
for domain in
Home > Subscriptions > example.com > Hosting Settings