Setting the right file permissions for your WordPress files and directories is crucial for maintaining its security and functionality. Incorrect permissions can leave your site vulnerable to hackers or cause issues with running WordPress. This guide will walk you through the correct permissions for WordPress files and directories via cPanel and Linux shell.
Before you read this tutorial, please checkout: Linux Permissions Explained
WordPress Directories
For WordPress directories, the recommended permission is 755.
In other words; the owner can read, write, and execute. The group and other users can read and execute.
What Do CHMOD 755, 644, and Others Mean?
To set this permission for all WordPress directories via Linux shell, you can use the “find command“:
find /path/to/your/wordpress/ -type d -exec chmod 755 {} \;
Replace the “/path/to/your/wordpress/” with the exact path of your WordPress installation.
Example Screenshot:
To set 755 permission via cPanel;
Locate the “File Manager” option in the “Files” section on your cPanel account followed by navigating to the directory where your WordPress installation is.
Then right-click on the directory you need to change permission (e.g., wp-content
, wp-includes
).
Select “Change Permissions.” from the popup and set the permissions to 755. After all, click “Change Permissions.”
WordPress Files
For WordPress files, the recommended permission is 644.
This means the owner can read and write. And group and other users can just read the file.
To set this permission for all files using a Linux shell, you can use the following command:
find /path/to/your/wordpress/ -type f -exec chmod 644 {} \;
Replace the “/path/to/your/wordpress/” with the exact path of your WordPress installation.
Example Screenshot:
In the same way, we changed permissions earlier for a directory in cPanel, a file permission can be also modified in cPanel:
Locate the “File Manager” option in the “Files” section on your cPanel account followed by navigating to the directory where your WordPress installation is.
Then right-click on the file you need to change permission (e.g., index.php
).
Select “Change Permissions.” from the popup and set the permissions to 755. After all, click “Change Permissions.”
Special Files and Directories
There are some files and directories that need different permission settings in order to work correctly and securely.
wp-config.php
The wp-config.php
file contains sensitive information about your WordPress installation. It should have stricter permissions.
The recommended permission is 440 or 400
That means the User can have read, write, and execute permissions, and group and others lack any permissions.
Use one of the following commands in the Linux shell to set these permissions:
chmod 440 /path/to/your/wordpress/wp-config.php
OR
chmod 400 /path/to/your/wordpress/wp-config.php
Uploads Directory
The wp-content/uploads
directory might need slightly different permissions to allow file uploads.
Typically, 755 should work, but if you encounter issues, you might need to change it to 775 which is supposed to give user and group full permissions (read, write, execute) and other users; read and execute.
chmod -R 775 /path/to/your/wordpress/wp-content/uploads
File and Directory Permissions Table
File/Directory | Permission |
---|---|
Root directory (WordPress installation directory : usually public_html) | 755 or 750 |
wp-admin | 755 |
wp-includes | 755 |
wp-content | 755 |
wp-content/themes | 755 |
wp-content/plugins | 755 |
wp-content/uploads | 755 |
wp-content/languages | 755 |
wp-content/mu-plugins | 755 |
wp-content/upgrade | 755 |
wp-content/cache | 755 |
.htaccess | 644 |
index.php | 644 |
wp-config.php | 400 or 440 |
wp-cron.php | 644 |
wp-load.php | 644 |
wp-login.php | 644 |
wp-mail.php | 644 |
wp-settings.php | 644 |
wp-signup.php | 644 |
wp-activate.php | 644 |
wp-blog-header.php | 644 |
xmlrpc.php | 644 |
license.txt | 644 |
readme.html | 644 |
wp-links-opml.php | 644 |
wp-trackback.php | 644 |
By setting these permissions, you ensure that WordPress can manage your media files properly while maintaining security.
Also Read:
Linux File Permissions