File Permissions Guide

Secure your files with proper Linux permissions.

What are File Permissions?

File permissions control who can read, write, or execute files on your server. Proper permissions are crucial for both security and functionality—too restrictive and your site won't work, too permissive and you're vulnerable to attacks.

Read (r) = 4

View file contents

Write (w) = 2

Modify file contents

Execute (x) = 1

Run as program

Understanding Permission Numbers

Permissions are represented by three-digit numbers (e.g., 755, 644). Each digit represents permissions for:

Owner (User): The user who owns the file
Group: Users in the file's group
Others (World): Everyone else

Examples:

755 = rwxr-xr-x
Owner: 7 = read (4) + write (2) + execute (1)
Group: 5 = read (4) + execute (1)
Others: 5 = read (4) + execute (1)

644 = rw-r--r--
Owner: 6 = read (4) + write (2)
Group: 4 = read (4)
Others: 4 = read (4)

600 = rw-------
Owner: 6 = read (4) + write (2)
Group: 0 = no permissions
Others: 0 = no permissions

Recommended Permissions

For Files

644 (rw-r--r--): Standard for most files (HTML, CSS, JS, images)
600 (rw-------): Sensitive config files (wp-config.php, .htpasswd)
755 (rwxr-xr-x): Executable scripts (CGI, shell scripts)

For Directories

755 (rwxr-xr-x): Standard for most directories (public_html)
750 (rwxr-x---): More restrictive (admin directories)
700 (rwx------): Owner-only access (.ssh directory)

Never use 777 permissions in production! This makes files writable by anyone and is a major security risk.

WordPress Recommended Permissions

Files:

All files: 644
wp-config.php: 600 or 440
.htaccess: 644

Directories:

All directories: 755
wp-content: 755
wp-content/uploads: 755
wp-content/themes: 755
wp-content/plugins: 755

Special Cases:

• wp-content/uploads: Must be writable for media uploads (755)
• wp-content/cache: Writable for caching plugins (755)
• wp-config.php: Most restrictive possible (600)

Changing Permissions

Method 1: cPanel File Manager (GUI)

Log in to cPanel
Go to File Manager
Navigate to the file or folder
Right-click and select "Change Permissions"
Use checkboxes or enter number directly
Click "Change Permissions"

Method 2: FTP Client

Connect via FTP (FileZilla, etc.)
Right-click file or folder
Select "File permissions" or "Chmod"
Enter numeric value
Check "Recurse into subdirectories" for folders
Click OK

Method 3: SSH Command Line

# Change single file
chmod 644 filename.php

# Change directory
chmod 755 directory-name

# Change all files in directory
chmod 644 /path/to/directory/*

# Change all subdirectories only
find /path/to/directory -type d -exec chmod 755 {} \;

# Change all files only
find /path/to/directory -type f -exec chmod 644 {} \;

Common Permission Issues

"Permission Denied" Errors

Symptoms: Can't upload files, can't save changes

Causes: Directory not writable, file owned by wrong user

Solutions: Set directory to 755, set files to 644, ensure correct ownership

WordPress Can't Upload Media

# Set uploads directory to writable
chmod 755 wp-content/uploads
chmod -R 755 wp-content/uploads/*

WordPress Can't Update Plugins/Themes

# Set correct permissions
chmod 755 wp-content wp-content/plugins wp-content/themes
find wp-content/plugins -type f -exec chmod 644 {} \;
find wp-content/themes -type f -exec chmod 644 {} \;

403 Forbidden Error

Check both file and directory permissions. Directory or file not accessible.

Security Best Practices

Never Use 777:

777 = rwxrwxrwx means everyone can read, write, and execute. Major security vulnerability.

Secure Configuration Files:

# WordPress
chmod 600 wp-config.php

# Joomla
chmod 600 configuration.php

# Drupal
chmod 600 sites/default/settings.php

Protect Sensitive Files:

chmod 644 .htaccess
chmod 600 .htpasswd

Troubleshooting Permission Issues

Check Current Permissions (SSH):

# List with permissions
ls -la

# Check specific file
stat filename.php

# Find files with specific permissions
find . -type f -perm 777

Find World-Writable Files (Security Check):

# Find files with 777
find /home/username/public_html -type f -perm 0777

# Find directories with 777
find /home/username/public_html -type d -perm 0777

WordPress Permission Fix Script

#!/bin/bash
# fix-wordpress-permissions.sh

# Set directories to 755
find /home/username/public_html -type d -exec chmod 755 {} \;

# Set files to 644
find /home/username/public_html -type f -exec chmod 644 {} \;

# Set wp-config.php to 600
chmod 600 /home/username/public_html/wp-config.php

# Set .htaccess to 644
chmod 644 /home/username/public_html/.htaccess

echo "Permissions fixed!"

Best Practices Summary

• Default files: 644 (rw-r--r--)
• Default directories: 755 (rwxr-xr-x)
• Configuration files: 600 (rw-------)
• Never use: 777 (rwxrwxrwx)
• Be restrictive: Only grant needed permissions
• Check regularly: Audit permissions periodically
• After uploads: Verify permissions are correct
• Contact support if ownership issues persist