Why Do You Need to Know About File/Folder Permissions?
Each of the files and folders (UNIX machines) in your cPanel/WHM account has access permissions. File Permission tells the operating system how to deal with requests to access the files. These permissions basically control the user’s ability to read, write, edit, execute and revise these files and folders. Once you create files, the control panel automatically assigns default permissions on each of the files. When you set a permission, you can choose who among your users can perform these actions. In most cases, your users won’t need to make changes to these permissions but sometimes certain update, installation, etc. may require a file permissions change.
Permission Types :
There are three types of basic access permissions:
- Read – Files with read access allows the file to be opened, read and can be viewed its contents by the user. The read permission is denoted by the letter r or the number 4.
- Write – Files with write access can be modified by the user. The write permission is denoted by the letter w or the number 2.
- Execute – Files with execute access can be executed as programs by the user, and directories with execute access enabled can be accessed by the user. The execute permission is denoted by the letter x or the number 1.
User Types :
All three access permissions are set for three types of user groups:
- User: The owner of the site.
- Group: Other users who are in the same group such as the members of a site, that can also have access to other files which are in the same folder or group.
- World: This access type is for anyone with an internet connection who tries to view files.
The access level is defined in numbers:
0 – no access to the file
1 – execute only
2 – write only
3 – write and execute
4 – read only
5 – read and execute
6 – read and write
7 – read, write and execute (full permissions)
Here are some examples of the required permission settings for some of the most important files and folders in order for your files to be displayed properly in the browser :
- public_html – need to set 0750
- All directories, folders – need to set 0755. (The folders will be readable and executed by others, but writable by the user only. These permissions are set automatically when the folder is created.)
- CGI and Perl scripts – need to set 0755. (The files can be readable and executed by others, but writable by the user only. In that case, you cannot set automatically file permissions. Once the file is created, you have to adjust them manually.)
- Image files, .html .php and other Document Types – need to set 0644. (The files can be readable by all the user groups, but writable by the user only. These permissions are set automatically when the file is created.)
- WordPress installation – such as wp-config.php, you can set the permission to 600 when need.
- .htaccess – The recommended setting is 0644. If you would like this file to be more secure you can set it to 0604 in most cases.
This is very important to know that your files should always have permissions of 0644 or 0755. (For most files, it doesn’t matter if you give the executable permission or not. You won’t see any difference.)
How to change file permissions settings
You can view file/folder permissions either via File Manager in cPanel or SSH command line.
Log into your cPanel, go to Files > File Manager :
If you want to change the permissions for the main domain name, go to public_html folder. For the addon domain name files, go to public_html/addondomain.com or /addondomain.com folder.
In the below image we can see the permissions for each file listed on the right side of the screen. Probably the most important thing to keep in mind is that certain file types and folders should be set to particular permissions.
To edit the current permissions for a certain file/folder, right-click on it and choose Change Permissions. A related window will pop up:
Click Change Permissions button to save the changes.
What you should do when permissions settings are wrong
Incorrect file permissions in cPanel/WHM can cause errors, even allow unauthorized users to hack your site. Incorrect settings on permissions can give unauthorized users the ability and the access they need to hack your website or even launch attacks to make a site more vulnerable. One important thing you have to remember that 777 permissions mean that your file is readable, writeable and executable by the “world”. If you find files or folders with permissions that do not match the default permissions, it’s usually best to change them to the recommended permissions. Another thing to note is that, once you locate files and directories that have permissions different to that of the default ones, change them back to the recommended settings.