I recently set up WordPress 3.5.2 on my Amazon Linux EC2 micro instance and ran into an issue. Every time I try to add a new plugin through the admin panel (going to Plugins and then Add New), WordPress asks me to enter FTP connection details like hostname, username, password, and connection type.
I found some suggestions about using command line tools and setting up FTP servers, but I’m not sure if that’s the right approach. Some sources mention adding specific configuration settings to the wp-config.php file instead.
Has anyone dealt with this before? What’s the best way to handle plugin installations on EC2 without compromising security? Should I be configuring FTP access or is there a simpler solution?
// Example configuration options I found
define('WP_METHOD', 'direct');
define('WP_BASE_PATH', '/var/www/html/wordpress/');
define('WP_CONTENT_PATH', '/var/www/html/wordpress/wp-content/');
define('PLUGIN_PATH', '/var/www/html/wordpress/wp-content/plugins/');
define('SSH_PUBLIC_KEY', '/home/ec2-user/.ssh/id_rsa.pub');
define('SSH_PRIVATE_KEY', '/home/ec2-user/.ssh/id_rsa');
define('SERVER_USER', 'ec2-user');
define('SERVER_PASS', 'mypassword');
define('SERVER_HOST', 'localhost');
define('USE_SSL', true);
This is a common file permissions issue that happens when the web server doesn’t have proper write access to the WordPress directory. The FTP prompt appears because WordPress can’t write files directly to the server.
The simplest solution is to add define('FS_METHOD', 'direct'); to your wp-config.php file and ensure correct ownership. Run these commands on your EC2 instance:
If you’re using nginx instead of apache, replace ‘apache’ with ‘nginx’ or ‘www-data’. After making these changes, WordPress should be able to install plugins directly without asking for FTP credentials. This approach is much more secure than setting up FTP access and avoids the complexity of SSH key authentication for this particular use case.
I ran into this exact same problem about six months ago when deploying WordPress on EC2. The root cause is that WordPress needs write permissions to install plugins, and when it can’t write directly to the filesystem, it falls back to requesting FTP credentials. While adding define('FS_METHOD', 'direct'); to wp-config.php works, you need to be careful about the security implications. I found that setting the ownership to the web server user (usually apache or www-data) can create vulnerabilities if your site gets compromised, since the web server can then modify core WordPress files. A more secure approach is to set up proper group permissions. Create a group that includes both your user account and the web server user, then set the WordPress directory to be owned by that group with write permissions only where needed. This way you can still install plugins through the admin interface, but limit the potential damage if something goes wrong. The permission setup takes a bit more work initially but it’s worth it for production sites.
i had the same issue when setting up wp on ec2! it’s all about file permissions. add define('FS_METHOD', 'direct'); to your wp-config.php, but first check the permissions to make sure everything’s in order or else security could be at risk.