All the files in your WordPress installation should list you as the owner. The files that WordPress needs to write to (.htaccess, wp-content) should belong to a group that contains the web server user. For example, on a UNIX-based server running Apache, you would need to find out which user owns Apache's processes (usually it's www). On IIS, you need to know which user IIS runs as (SYSTEM). Then make sure that there's a group containing both you and the web server user. That's the group your wp-
content and .htaccess files should belong to. On most servers, that's done for you. However, in order to better secure your WordPress site, I recommend that you allow only wp-content to be group writable, and make sure you're the only user who can write to .htaccess.
Was this article helpful?