Replies: 0
Question:
Because we do not want Apache to have (group) ownership on files, because of security concerns, we do not want to run updates through the dashboard. Currently running wp_cli updates with daily cron jobs, which runs the routines with my username assuming I own the files, rather than Apache so more secure.
However, I am curious about background updates using =>’define( ‘WP_AUTO_UPDATE_CORE’, true );’ (https://wordpress.org/support/article/configuring-automatic-background-updates/) does that use Apache or the credentials thrown in:
define(‘FTP_USER’,”);
define(‘FTP_PASS’,’!’);
define(‘FTP_HOST’,’:22′);
define(‘FS_METHOD’, ”);
define(‘FTP_BASE’, ”);
define(‘FTP_CONTENT_DIR’, ”);
define(‘FTP_PLUGIN_DIR ‘, ‘/’);
Curious about method:
And what is the purpose of this section of the wp-config?
FYI:
The essential questions are:
Does ’define( ‘WP_AUTO_UPDATE_CORE’, true );’ simulate dashboard updates and require Apache user access or can I use my username?
if background updates using ’define( ‘WP_AUTO_UPDATE_CORE’, true );’ using my username (rather than Apache) is preferable to daily cron jobs using wp_cli? Do