Definitive WordPress folder permissions

1 Views

I can’t seem to find this anywhere. Does anyone know where there is a definitive list of Windows/Linux permissions for noobs for all folders in WordPress? I’m ok with chmodding, chowning and chgrouping, I just don’t seem to be able to make it possible for users to upload files (images are ok for some reason) to a server. I’ve tried on both Windows and Linux, with Linux being my preferred platform, but to no avail.

Just once and for all I’d like to know what I should do here! Is there a list out there??!

Post Views: 1

Related posts

Leave a Reply

4 comments

  1. This is how I do it (change the stuff within brackets to your environment:)

    $ cd [wordpress_install_folder]
$ chown -R [webuser]:[mygroup] *
$ chmod -R g+w *
$ chown root:root wp-config.php
$ chmod 644 wp-config.php

  2. The following files need to be writable:

    /sitemap.*         (dependes)
/.htaccess
/wp-config.php
/wp-content/       (recursively)

    if you want to allow wordpress updates, simply set ./ to be writable

    Now if you’re asking whom to grant write/execute permission, it depends on your server config,
    on the httpd user/group and the file’s owner.
    You should allow 600 for files and 700 for directories. if it doesnt work, include group permission 660 and 770. Some servers need 666 and 777 tho but you might have a chrooted environment and it would not even matter for other vhosts / shares which permission, because you can’t break out of the chroot.

    WordPress uses the httpd user to write, but you probably use the ftp user to write.
    It’s just all about getting to know who does what, and that this is not the same on all servers.

    if the files belong to the FTP user but the www user is in the assigned group =>
    660 / 770

    if the files belong to the www user but the ftp user is in the assigned group => 660 / 770

    if ftp and www are the same user => 600 / 700

    if at least 1 of the two users is not in the files group AND not the owner => 666 and 777

  3. Firstly, change your file and folder ownership to your web server user (apache, nginx, www-data, etc)

    You can do this using:

    cd /path/to/wordpress/
chown -R apache *
chgrp -R apache *

    Then change your file and directory permissions (as recommended by the WordPress Codex). The first command will change your directory permissions. The second command changes your file permissions. The . indicates that it will change everything from the current directory.

    find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;

    If you want to read more about securing your WordPress installation see here: http://codex.wordpress.org/Hardening_WordPress#File_permissions