WordPress File Permissions
On computer file systems, different files and directories have permissions that specify who and what can read, write, modify, and access them. This is important because WordPress may need access to write to files in your /wp-content/ directory to enable certain functions. If these permissions are set incorrectly, they may cause problems on your website. For example, if the permissions are set too loosely, unauthorized users and hackers might be able to access your site; and if you set the permission too tightly, WordPress might be unable to access files that are critical to their operations.
What are File Permission Numbers?
File permissions are a combination of three numbers:
From left to right, the numbers are in order of the permissions granted to the type of WordPress user – user, the group, and the world. Each number denotes a specific level of permission granted to the corresponding user:
- 0 – No access
- 1 – Execute
- 2 – Write
- 4 – Read
The rest of the numbers are a combination of 1, 2, and 4.
- 3 – (2+1) Write and execute
- 5 – (4+1) Read and execute
- 6 – (4+2) Read and write
- 7 – (4+3) Read, write and execute
You don’t want all file permissions to be set to 777 and grant the whole world access to read, write, and execute your files. At the same time, you can’t set everyone’s permission to 000 or 444 either. This is because WordPress often requires permission to execute files or modify them. When you install plugins and themes, they need access to certain files and folders for you to be able to use them.
So what are the recommended WordPress file permissions?
Recommended File Permissions in WordPress
Here are the recommended file permissions that you can set for your WordPress site.
- wp-admin: 755
- wp-content: 755
- wp-content/themes: 755
- wp-content/plugins: 755
- wp-content/uploads: 755
- wp-config.php: 644
- .htaccess: 644
- All other files – 644
How to Change File Permissions on WordPress
The best way to change your file permission is to contact your hosting company. They are in the best position to help. But if you need to set the permissions yourself, you’ll need to access your WordPress folders and files. You can do this in two ways:
METHOD 1. Change WordPress file permissions using cPanel
Step 1: Log in to your web hosting account and navigate to ‘manage your hosting’ and select cPanel. (This may vary between hosts. Please check with your hosting provider.)
Step 2: Inside cPanel, select File Manager.
Step 3: Open the root folder called public_html and you’ll find your WordPress website’s files and folders inside.
Step 4: Right-click on the folder or file you want to set permissions for and select change permissions. (See the Recommended File Permissions above)
Note: You can modify permissions on individual files. You can also select multiple folders and files, and change permissions for all of them together.
Step 5: Select the permissions you want and choose ‘Change permissions’ to save your changes.
Your file permissions will be changed now. In case you don’t have access to cPanel, you can still change your file permissions using FTP (File Transfer Protocol).
METHOD 2. Change WordPress file permissions using FTP
FTP is a software you can use to connect to your WordPress website’s server to access its folders and files. To use FTP, you need to download an FTP client like Filezilla. Once you have this installed, we can begin.
Step 1: Enter your FTP credentials and establish a connection by selecting ‘Quickconnect’.
Step 2: Files and folders will populate in the panel on the right. Open the public_html folder. Here, you will find your website’s files and folders.
Step 3: Right-click on the file or folder you wish to set permissions for and choose ‘File permissions’.
Step 4: Here, you can change the permissions and select ‘OK’ to save your changes.
That’s it! Your file permissions are changed and have been set correctly.