Updating WordPress without using FTP

FTP. It’s so… 80s… It’s based around the thought that network traffic probably won’t be sniffed and that the guy next to me won’t crawl through my files. Basically it’s a relic from a time when people thought the internet would be a glorious place to advance mankind rather than being the world’s biggest contest of who can hoard the biggest amount of porn.

Coincidentally SSH was created 1995, about 10 years after FTP to clean up with the mess of uncrypted 80s protocols. In today’s modern computing world, SSH is basically the standard for safe and versatile command-line access and port-forwarding.

Why am I writing all of this? Well, Jidder did the right thing and disabled FTP on this server, leaving only SSH to update and maintain my WordPress installation. The thing is: WordPress doesn’t really like SSH all that much. But as usual, there are mysterious and dark ways around it.

Updating WordPress installations through SSH – How I loved rsync once again

Did I mention that SSH is great? I’m sure I did. Another great tool is rsync. And wget. Gosh, there are so many of them. But let’s focus on rsync right now. You can manually download the WordPress update package with wget and unzip it. But when it comes to moving the files around – there will be blood. mv doesn’t like it when you move non-empty directories onto other non-empty directories and starts crying.

Thankfully rsync isn’t such a pansy. Yeah, you heard me, mv!

rsync -arv --remove-source-files * ../blog/.

That’s all it takes for rsync to move all the files from your wordpress-* directory to your blog. That’s one way to update WordPress without FTP access. But there’s a small problem with this: Updating your hundreds of plugins that way takes time. It’s inconvenient. It’s no good.

The dark art of config-editing – Getting more… direct

A somewhat better way would be to let WordPress use your login and do all the dirty work itself. Lo and behold, that is indeed possible with a few simple, additional lines to your wp-config.php:

define('FS_METHOD', 'direct');
define('FTP_BASE', '/var/www/whatever/you/like/');
define('FTP_CONTENT_DIR', '/var/www/whatever/you/like/wp-content/');
define('FTP_PLUGIN_DIR', '/var/www/whatever/you/like/wp-content/plugins/');
define('FTP_HOST', 'host.domain:22');
define('FTP_USER', 'my_username'); 
define('FTP_PASS', 'my_password');

Don’t forget to adjust your permissions on the wp-content/plugins folder to ensure the user your web-server runs in can access/write to the directories (for updating plugins).


Published by


The fool's herald.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.