Verifying permissions

From Joomla! Documentation

Revision as of 15:49, 19 October 2012 by Tom Hutchison (Talk | contribs)

Quill icon.png
Content is Incomplete

This article or section is incomplete, which means it may be lacking information. You are welcome to assist in its completion by editing it as well. If this article or section has not been edited in several days, please consider helping complete the content.
This article was last edited by Tom Hutchison (talk| contribs) 3 years ago. (Purge)

Recommended settings

  • Depending on the security configuration of your Web server the recommended default permissions is:
    • 755 for directories
    • 644 for files
    • Don't use extensions that require 777 permissions!
Stop hand nuvola.svg.png

Note: On file permissions, in general never use 777 if you don't know what you are doing.

Learning the numbers

Each octal digit corresponds to a group of three letters in a specific group. Therefore, the three digits also corresponds to each group as a set of permissions:

  -rwxrwxrwx (is broken up into the three distinct groups)
    \   \   \
    /   /    /
Owner Group Others (always in this order, Owner, Group, Others)
  7    7     7

 d stands for directory and shows as: drwxrwxrwx instead of -drwxrwxrwx


  • First digit = owner, or User
  • second digit = group (other Users on your server)
  • third digit = others (everyone else, the world!)

Note: On some servers you may not see the numbers as shown above, what you see is -rwxrwxrwx or something similar.

Meaning of the numbers

It is much easier to say the "octal" sum of a file or directory has 755 permissions than to call out the permissions:-rwxr-xr-x

The permission # is a three-digit octal number where the three digits correspond to the access rights of the user who owns the file, the group and other users. Each octal digit is the sum of the permissions granted. To make it easy to understand, just remember:

 r = Read    = 4
 w = Write   = 2
 x = Execute = 1

If read permission is granted the "octal" number is 4. Add 2 to 4 for a 6 if write permission is granted along with read permission. Then you can finally add 1 if execute permission is granted along with the Read and Write permission. If there are no permission at all, the sum is 0. Just do the Octal Math:

"Octal" # (r)ead (w)rite e(x)ecute User or Group or Others
0 no no no --- 0+0+0 = 0
1 no no yes --x 0+0+1 = 1
2 no yes no -w- 0+2+0 = 2
3 no yes yes -wx 0+2+1 = 3
4 yes no no r-- 4+0+0 = 4
5 yes no yes r-x 4+0+1 = 5
6 yes yes no rw- 4+2+0 = 6
7 yes yes yes rwx 4+2+1 = 7

Now it is time to put it all together. User, Group, Others(Everyone or the World) into a 3 digit "octal" permission.

  • 777 means EVERYONE can read, write and execute ANY file.
Stop hand nuvola.svg.png

This something you NEVER want to be allowed on your server/website unless you are absolutely sure you know what you are doing.

  • 755 is rwx (owner), r-x (group) and r-x (others) or in other words everyone may read and execute (run) but only the owner(you) may make changes to the file. It would look like this when it is all put together: -rwxr-xr-x
  • 644 is rw-, r--, r-- or EVERYONE can read the file but only the owner may write to the file.
  • Permissions can be applied to directories as well which is why you might see this drwxrwxrwx, the "d" is for directory.
  • For a complete explanation read the Wikipedia article: Filesystem permissions

Additional reading