Verifying permissions

Recommended settings

• Depending on the security configuration of your Web server the recommended default permissions is:
  • 755 for directories
  • 644 for files
  • Don't use extensions that require 777 permissions!

Note: On file permissions, in general never use 777 if you don't know what you are doing.

Learning the numbers

Each digit corresponds to a group of three letters each digit also corresponds to one set of permissions as follows:

• First digit = owner,
• second digit = group,
• third digit = others (everyone else),

Note: On some servers you may not see the numbers as shown above, what you see is rwxrwxrwx (777) or something similar.

Meaning of the numbers

• 777 means EVERYONE can read, write and execute ANY file.

This something you NEVER want to be allowed on your server/website unless you are absolutely sure you know what you are doing.

• 755 is rwx (owner), r-x (group) and r-x (others) or in other words everyone may read and execute (run) but only the owner(you) may make changes to the file.
• 644 is rw-, r--, r-- or EVERYONE can read the file but only the owner may write to the file.
• These permission can be applied to directories as well which is why you might see this drwxrwxrwx, the "d" is for directory.
• For a complete explanation read the Wikipedia article: Filesystem permissions

Additional reading

• Where can you learn more about file permissions?
• Why can't you install any extensions?
• Why are my file permissions wrong after upgrading
• What are the recommended file and directory permissions?
• How do you recursively adjust file and directory permissions?