A Linux file system is made up of users, groups and files. The files need the appropriate permissions so that users can work with them.
File permissions
In order to create, remove, update and delete files on your linux system. Files and folders need to have the correct permissions. Heres a list of some of the most common commands.
List users of the file system
List all files and folders in current directory with file permissions and ownerships
Change permissions of a single file or folder
Change all files and folder permissions
Recursively change all the files in the directory permissions to 755, and all file permissions to 644:
1
2
| sudo find /var/www/html/ -type d -exec chmod 775 {} \;
sudo find /var/www/html/ -type f -exec chmod 664 {} \;
|
View the permission settings of a specific directory
This will output lots of file information but also permission information in octal format
Return the numeric value of a directory
1
| stat -c %a directory_name
|
See what groups a user belongs to
Change file and folder ownership to the current logged in user Recursively
1
| sudo chown -R $USER:www-data /var/www/html
|
How symbolic permissions map to numeric codes:
1
2
3
| r (read) is 4
w (write) is 2
x (execute) is 1
|
So:
1
2
3
| rwx (read, write, execute) is 7
r-x (read, execute) is 5
r-- (read only) is 4
|
For example, rwxr-xr-x corresponds to:
1
2
3
| Owner: rwx = 7
Group: r-x = 5
Others: r-x = 5
|
Wordpress file permissions
WordPress file permissions are settings that dictate who can read, write, or execute files and directories within a WordPress installation. These permissions are crucial for maintaining the security and proper functioning of the WordPress site.
The three primary types of file permissions are:
- Read (r): Allows viewing the contents of a file or the names of files within a directory.
- Write (w): Permits the modification of a file or the addition/removal of files within a directory.
- Execute (x): Grants the ability to run a script or access the contents of a directory.
WordPress file permissions are important for several reasons:
- Security: Proper file permissions help protect your WordPress site from unauthorized access, tampering, and potential security vulnerabilities. Restricting write permissions to essential directories reduces the risk of malicious activities.
- Functionality: Correct permissions are essential for the proper functioning of WordPress, its themes, plugins, and the ability to upload media. Incorrect permissions can lead to errors and issues with site functionality.
- Updates and Installations: WordPress often requires write permissions to directories for updates, installations, and plugin/theme management. Ensuring the right permissions allow these processes to occur seamlessly.
- User Data Protection: By setting appropriate permissions, you can prevent unauthorized users or scripts from modifying or deleting critical files, helping to safeguard user data stored on the website.
To maintain proper WordPress file permissions, it’s recommended to follow security best practices, such as setting the correct ownership and permissions for directories and files, keeping WordPress core, themes, and plugins up-to-date, and regularly monitoring and auditing file permissions for potential vulnerabilities.
Change all file and folder permissions
Recursively change all directory permission to 755 and all file permissions to 644:
1
2
| sudo find /var/www/yoursite/ -type d -exec chmod 775 {} \;
sudo find /var/www/yoursite/ -type f -exec chmod 664 {} \;
|
Change file and folder ownership to the current logged in user Recursively
Switch user to non root user with sudo priviledges, and make the logged in user the owner
1
2
| su nonroot
sudo chown -R $USER:www-data /var/www/yoursite
|
Permissions for wp-content folder
1
| sudo chown -R www-data:www-data /var/www/yoursite/wp-content
|