What are file permissions and how to set them correctly

File permissions are rules that control who can read, write, or execute (run) files and directories on a server or computer. They are crucial for website and server security because improperly set permissions can let attackers view, alter, or delete your files.

Understanding File Permissions

On most web servers (especially Linux-based), permissions are represented by three types of access for three groups of users:

• User (Owner): The account that owns the file.
• Group: Other accounts in the owner’s group.
• Others (World): Everyone else.

Each group can have three permissions:

• Read (r): Can view the file’s contents.
• Write (w): Can modify the file.
• Execute (x): Can run the file as a program (or, for directories, access files inside).

Permissions are usually shown as a three-digit number (like 644), or as letters (like rw-r--r--).

Example:

• 644 → Owner can read/write, group and others can only read.
• 755 → Owner can read/write/execute, group and others can read and execute.

How to Set File Permissions Correctly

For Most Websites (WordPress, Joomla, etc.):

• Files: 644
  • Owner can read and write.
  • Group and others can only read.
• Directories (Folders): 755
  • Owner can read, write, and execute (needed to access folder contents).
  • Group and others can read and execute (so your website works), but not write.

How to Set Permissions via Command Line (SSH):

# Set all files to 644:
find /path/to/your/site -type f -exec chmod 644 {} \;

# Set all directories to 755:
find /path/to/your/site -type d -exec chmod 755 {} \;

How to Set Permissions via FTP or File Manager:

• Right-click a file or folder.
• Choose “Permissions” or “Change Permissions.”
• Enter the number (e.g., 644 or 755), or check the appropriate boxes.

Special Cases

• Sensitive files (like wp-config.php):
  You can set stricter permissions, e.g., 400 or 440 (only the owner or server can read).
• Never use 777:
  This gives everyone full control—attackers could upload or change your files!

Quick Reference Table

Summary

• File permissions tell the server who can read, write, or execute files.
• Use 644 for files and 755 for directories.
• Avoid overly permissive settings (777).
• Set stricter permissions for sensitive files.
• Regularly review your permissions to keep your site secure!

Well-set permissions are like strong locks on the doors and windows of your website—don’t leave them open!

Related posts:

How to set file permissions in web hosting How to manage permissions with cPanel File Manager How To Use cPanel File Manager To upload you website and Get Your Website Online How to secure your wp-config.php file.