How To Set Correct File Permissions For WordPress

All of WordPress website has a structure for files and folders. After all, our website runs with the help of files and directories. We should keep correct file permissions for our website in terms of security.

You should check your project’s filesystems and if the wrong permissions are set for your project’s file, you should modify permissions without delay.

Keeping wrong file permissions would exploit your website for hackers. Hackers can take benefit of wrongly configured file permissions.

Correct File and Folder Permissions in WordPress

For securing WordPress, we should keep below recommended permissions.

  • For all folders and subfolders, permission should be 755 or 750.
  • All files should have permission 644 or 640 except wp-config.php file.
  • 440 or 400 for wp-config.php file.

If you keep 644 or 640 permission to wp-config.php then you are giving read access to other users on a server. So keep 440 or 400 permission to wp-config.php.

Set Correct Permissions Using FTP

To set the permissions using FTP, you should first connect to your FTP client.
Once connected, go to the root directory of your project.

Select all directories and right click and select the File permissions.

File Permissions In FTP

After clicking on File permissions, a new dialog box appears. Type 755 in in the numeric value field. Select the checkbox for ‘Recursive into subdirectories’ and then choose the option for ‘Apply to directories only’. Click on OK button and your FTP client would start the setting permissions 755 for all your folders and sub-folders. Wait for some moments until the process is finished.

File Permissions In FTP

Now, we have change folder permissions. Let’s change file permissions. For this, select all files and folders from the root folder. Right click and select the file permissions.

Again, file permissions dialog box would appear. Enter 644 in the numeric value field. Select the checkbox for ‘Recursive into subdirectories’ and then choose the option for ‘Apply to files only’.

File Permissions In FTP

Click OK button. This time your FTP client will set 644 permissions to all files inside your folders and sub-folders.

Set Correct Permissions Using Shell Access

If you have shell access on your server then by running few commands we can set the permissions on our files and folders.

Change folder permissions to 755 by running the below command.

find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \;

To change file permissions to 644, our command is as follows.

find /path/to/your/wordpress/install/ -type f -exec chmod 644 {} \;

In my case, /path/to/your/wordpress/install/ will be replaced by /var/www/html/ so my command would be as below.

find /var/www/html/ -type d -exec chmod 755 {} \;
find /var/www/html/ -type f -exec chmod 644 {} \;

In the above commands, -type d for directories and -type f for files.

Note: Never give 777 permission to any file or directory, even upload directories. If any file has 777 permission that means we are making this file World-Writable. This should not be acceptable.

We hope you understand how to set correct files and folders permissions in WordPress. If you have any questions or suggestions please leave a comment below.

Related Articles

If you liked this article, then please subscribe to our Youtube Channel for video tutorials.

Leave a Reply

Your email address will not be published. Required fields are marked *