WordPress users often required the some file permissions to use it properly, ad perform reading, writing and executing files. If you misconfigure these permissions, then it poses a risk to your WordPress site.
This guide will tell you about fix file permissions in WordPress, how to change these permissions, etc. Here, we also tell you about user roles in file permissions, their types, etc.
Table of Contents
ToggleUnderstanding File Permissions in WordPress
WordPress file permissions set rules on users, who can read, write or execute files during installation. These permissions control access to files like wp-config.php
and .htaccess
. These controls limit on users who can access to files, or make changes to its content.
These file permissions serve as the safety your website from unauthorized access. Without set these permissions, anyone can access your important WordPress files and cause risks to it.
User Roles in File Permissions
Once you understand the WordPress file permissions, you should know what type of users interact with files and folders of installation.
The users are categorized into roles, given below.
- User: User is individual account, like FTP user that you use to connect to web server.
- Group: A group refers to a series of users. Groups is convenient for public users to access to file and directories.
- World: This category consists all, i.e., public access.
The “user” role in WordPress file permissions usually refers to the account that owns your WordPress files on the server.
Types of File & Folder Permissions
WordPress permissions are same as UNIX permissions. There are 3 kind of permissions, read, write and execute.
The given table show all permissions with their privileges, symbols, and values:
Permission | Privileges | Symbol | Value |
---|---|---|---|
Read | View or copy files | r |
4 |
Write | Edit, delete, or modify files | w |
2 |
Execute | Run files (or access directories) | x |
1 |
Permissions are referred to as strings (e.g., -rwxr-xr-x
), where every symbol shows the specific access. You can interpret these strings in the given method:
- The first character (
-
ord
) denotes whether the item is a file or a directory. - The next three characters indicate permissions for the user role.
- The following three characters show permissions for the group role.
- The last three characters represent permissions for the world role.
Examples
-rwxr-xr-x
: User get complete access (read, write, execute), whereas the group and world only get access to read and execute a file.drw-r--r--
: User will get read and write access, whereas group and world get read-only access to a file.
Numeric Representation of Permissions
There is also numerical representation of file permissions by add values to every permission (4: read, 2: write, and 1: execute). It create numeric code for every permission string.
Let us help you understand by -rwxr-xr-x
permission broken as:
Role | Read (4) | Write (2) | Execute (1) | Total |
---|---|---|---|---|
User | 4 | 2 | 1 | 7 |
Group | 4 | 0 | 1 | 5 |
World | 4 | 0 | 1 | 5 |
The value of this representation is 755.
Best Practices for WordPress File Permissions
While setting file permissions on WordPress, you must maintain a balance between functionality and security. If you do not set permissions properly, then it affects functionality and causes security risks.
You must set file permissions for WordPress in given ways, as suggested:
- Root directory (
/
): 755 /wp-admin/
: 755/wp-includes/
: 755/wp-content/
and subdirectories: 755.htaccess
: 644index.php
: 644wp-config.php
: 640
These permissions limit access to your WordPress file and keep it protected from vulnerable users. The specific file configurations vary on the basis of the hosting setup.
Always keep security in mind, and adjust these permissions only when necessary.
If you are struggling to build professional WordPress website then checkout Spexo Free Elementor Templates. Spexo Theme comes with huge collections of ready to use elementor templates and sections which makes web development process quick.
How to Change or Fix WordPress File Permissions Issue
It is easy and simple to change WordPress file permissions, but some mistakes can locked out you from your site. To avoid problems, you must keep a backup of your website. It serves as a safety net and allows you to restore the functional version of the site.
⚠️ Important: When you change file permissions for a directory, the permissions for the files and subdirectories inside it will also change recursively.
Method 1 — Fix WordPress Permissions Using a Plugin
It is easy to change file permissions with a plugin named All in One WP Security & Firewall. This plugin gives you a simple way to adjust permissions and limit access to critical files and folders.
Here how you can easily use plugins to fix permissions:
- First, you should Install and activate the plugin on your WordPress site.
- In the plugin sub-menu, Go to WP Security → Filesystem Security in the plugin’s sub-menu.
Here, you’ll see table of important WordPress files and directories with its current permissions.
- If you see any file or directory with incorrect permissions, then tap on Set Set Recommended Permissions next to adjust to recommended settings automatically.
⚠️ Note: This plugin limits permission changes to predefined settings for key files and folders. For full control over permissions, using FTP or cPanel is recommended.
If all the folder and file permissions in WordPress looks good then sometimes there might be WordPress maintenance mode related issue. You can checkout our detailed guide about Fix WordPress Maintenance Mode issue.
Method 2 — Fix WordPress Permissions Manually
Next method to fix wordpress permissions is by using cPanel. cPanel is file manager like control panel, that are widely used by web hosts. It permit you to change file permissions. cPanel is the popular control panel. Here we tell you the steps to easily use cPanel and change file permissions. Note that the given steps are the same for all control panels but differ in the user interface.
Here’s how to change file permissions using cPanel:
- Log into your cPanel account. You can typically access it via a link from your web hosting dashboard or by appending
/cpanel
to your site’s URL. - In cPanel file section, open file manager.
- Go to the root directory. By default, it is shown as
public_html
. In right hand pane, you see all files and directories. The last column shows all files permissions.
- Now, you can choose the change permissions option to change permission for a file or directory. Right click on file or directory you want to change, and then click on Change Permissions option.
- Next, you should change permissions. A dialog box opens on your screen. It gives you options to adjust permissions for the file or directory. Once you’ve set all required permissions, tap on Change Permissions and save all changes.
⚡ Pro Tip: It is suggested that WordPress users speed up workflow by selecting several files with Cmd (macOS) or Ctrl (Windows). Use Shift to select all items between two points and make necessary permission changes quickly.
Conclusion
Fixing or changing WordPress file permissions is an important step to secure your website. Proper file permissions limit access from unauthorized users and enhance safety. Only authorized and trusted users are allowed to access your critical WordPress files.
Even it is easy to adjust file permissions by follow above methods, but ensure to keep backup of your site before make changes. Don’t set incorrect permissions, otherwise it affects your site functionality. You can easily use FTP, cPanel or plugin, and ensure that your files are set to 644 and directories to 755. It sets limits to your important files, such as wp-config.php
and .htaccess
(set to 640).
By following the above methods, you enhance the security of your site, reduce privacy risks, and ensure its peak functionality. Hope this guide is helpful for you to fix file permissions on WordPress.