Wordpress - What are the recommended database permissions for WordPress?

WordPress only uses one DB user for everything, and he'll need to have all permissions to the database. CREATE and ALTER are used when upgrading, sometimes. INSERT, UPDATE, and SELECT are used all the time.


If you did want to lock things down.... a normal wordpress site will usually only require the database user to have SELECT, INSERT, UPDATE and DELETE.

If you want to use the automatic update feature it will also require CREATE and ALTER.

Some plugins may require other permissions but most won't.


I've asked a similar but a bit more detailed question lately: MySQL Database User: Which Privileges are needed?

The short installation instruction for WordPress ("5 Minutes") state that:

Create a database for WordPress on your web server, as well as a MySQL user who has all privileges for accessing and modifying it.

This is the minimum of privileges / permissions that are needed and next to those, others are not needed.

So if your user has more privileges than those, you can reduce them.