Permissions dictate who can do what with files and directories on a server (website). This is important because WordPress may need access to write to files in your wp-content directory to enable certain functions.
WordPress Permission Modes
7 5 5 user group world r+w+x r+x r+x 4+2+1 4+0+1 4+0+1 = 755
The permission mode for a file or directory is computed by adding up the following values for the user, the filegroup, and for everyone else. The diagram shows how.
- Read 4 – Allowed to read files
- Write 2 – Allowed to write/modify files
- eXecute1 – Read/write/delete/modify/directory
7 4 4 user group world r+w+x r r 4+2+1 4+0+0 4+0+0 = 744
WordPress Example Permission Modes
|0477||-r–rwxrwx||owner has read only (4), other and group has rwx (7)|
|0677||-rw-rwxrwx||owner has rw only(6), other and group has rwx (7)|
|0444||-r–r–r–||all have read only (4)|
|0666||-rw-rw-rw-||all have rw only (6)|
|0400||-r——–||owner has read only(4), group and others have no permission(0)|
|0600||-rw——-||owner has rw only, group and others have no permission|
|0470||-r–rwx—||owner has read only, group has rwx, others have no permission|
|0407||-r—–rwx||owner has read only, other has rwx, group has no permission|
|0670||-rw-rwx—||owner has rw only, group has rwx, others have no permission|
|0607||-rw—-rwx||owner has rw only, group has no permission and others have rwx|
Typically, all files should be owned by your user (ftp) account on your web server, and should be writable by that account. On shared hosts, files should never be owned by the webserver process itself (sometimes this is www, or apache, or nobody user). Any file that needs write access from WordPress should be owned or group-owned by the user account used by WordPress (which may be different than the server account). For example, you may have a user account that lets you FTP files back and forth to your server, but your server itself may run using a separate user, in a separate usergroup, such as dhapache or nobody. If WordPress is running as the FTP account, that account needs to have write access, i.e., be the owner of the files, or belong to a group that has write access. In the latter case, that would mean permissions are set more permissively than default (for example, 775 rather than 755 for folders, and 664 instead of 644).