What file and directory permissions should I use for my web files

  • September 13, 2017
  • 0 Comments

In this article we will review the permissions that your files and directories should ideally be set to. Setting the permissions to anything other than mentioned below may cause your website to not function correctly.

By default, our system set all permissions to 644 for files and 755 for directories.

Files

Files should always be uploaded and set to permissions 644. There are however a few exceptions where for security purposes it is recommended to set different permissions:

PHP files that that contain sensitive information, for example, configuration files containing database usernames or passwords (eg. wp-config.php). Configuration files should be set to permissions 600 as they don't need to be executed.

Scripts that are run from the shell command line or crontab, such files should be set to permissions 700 because they are actually being executed directly by your linux user account.

Scripts that are run from the cgi-bin or other directory as a CGI script should have permissions 755 because they have to be executable by the nobody account which apache uses to access your files before serving them to the web.

For the .htaccess file it is a more secure solution to set its permissions to read only 444. This offers more protection against some simple file injection attacks.

Whenever you upload files using cPanel File Manager the files will be set with permissions 644 automatically. Also unless otherwise your FTP software will also set permissions 644 to newly uploaded files.

Directories

Directories should always be uploaded and set to permissions 755.

Whenever you upload files using cPanel File Manager the directories will be set with permissions 755 automatically. Unless otherwise your FTP software will also set permissions 755 to newly uploaded directories.

PHP web applications

Depending on their functionalities, some PHP web applications need directories with permissions set to 777.


How helpful was this article to you?