Updated CyberPanel: Now one WordPress site doesn't allow upload + Wordfence can't read config

I updated CyberPanel two days ago, and after that, one of my WordPress-sites can’t read files (Wordfence) or upload files to /uploads.

If I compare it to my other site running on the same server, the permissions is 1:1.
I’ve tested with 777 for a short amount of time, and that’s working…

I’ve restarted LiteSpeed, just so see if that makes any difference, but with no luck.

What happend? Why can’t site1 upload/read files, now that site to works as expected? Non of them has any configuration changed after I’ve updated CyberPanel to the latest version.

Two questions:

  1. What happend during the update?
  2. How can I fix it? It must be something related to what user is used for site1, or simular? I find this a bit odd…

Let me know if you guys need anything else.

More details

It actually looks like site1 's php instance is executed with the user called nobody, where site2 is executed with the user matching the sitename…

That explains it. But why is my LiteSpeed server spinning up php-instances with the nobody username? That’s very odd bot that my other site on the same server is working as expected.

TL;DR: I was running OLS 1.6.17 and updated to 1.7.15 (done through the CyberPanel update script). Now my site1 are using nobody as the username for php-executions, instead of site1user. My site2 and site3 are both using site2user and site3user. It this just a regular change in LiteSpeed for the first site in the stack? Currently it’s a problem cause no-one can upload through WordPress, cause it´s using nobody but the folders are still owned by site1user. I’ve changed ownership temporary to nobody, but I’m wonder what’s going on…

rename plugins/wordfence folder 1st

Why should I rename plugins/wordfence folder?

I’m not sure that’s going on, but I would like to know that (before renaming folder and so) :slight_smile:

to disable wordfence
sometime wordfence make some error if we do a bad configuration

Oh, like so. Well, it’s not Wordfence. I’ve already tested with (just changed ownershop to nobody). :slight_smile:

I’m still condering why LiteSpeed changed from using site1username to nobody, but still using site2username for site2. I guess LiteSpeed are handling the first site as a primary site or so, and therefore using nobody instead of site1username. But I’m a bit unsure about the impact if I now just change ownership to nobody for site1-dir’s, now that files used to be owned by site1username

1 Like

I’ve added a TL;DR with the real problem in this post.

Solution, but not answer to why this has changed from OLS 1.16 to 1.7:
Setting suEXEC User and suEXEC Group is fixing the problem. Php is now executed as the defined user in this field. But I’m still wondering why OLS switched to nobody after the update…