WordPress.org

Ready to get started?Download WordPress

Forums

chmod to 777 an acceptable security risk? (4 posts)

  1. tug
    Member
    Posted 5 years ago #

    Please excuse what must be an elementary topic, but...

    I just installed WP on GoDaddy. I was just about to purchase and upload a premium theme when I noticed that the install required that I adjust the CHMOD to 777. As far as I can tell, this seems to be a security issue, yet, this seems to be the norm for WP theme installs. Can anyone shed some light here? Is 777 permission acceptable?

    Thanks

    tug

  2. Samuel B
    moderator
    Posted 5 years ago #

    No it is not acceptable for theme installs. If the theme can not be installed and work with files 644 and folders 755 it is a huge security risk. One folder at 777 on a shared server can/will get every site on that shared server hacked.
    Why the hec does the author state it needs 777 permissions? Ridiculous - unless you just use 777 for install then chmod back to 755.

  3. Georg Kevin Paquet
    Member
    Posted 5 years ago #

    Good point by samboll, it might be a trap if the author requires the theme to be 777.
    Anyways, did you try installing it already without CHMOD to 777?

  4. tug
    Member
    Posted 5 years ago #

    Sorry for such a long delay in this response. I did not realize there were responses to this post.

    My ignorance in this post. The chmod was not required to be changed for installation. The cache chmod required chmod change to 777 in order to utilize an image resizer only.

    All is well and checks out fine with WP-Security Scan. ;)

    Cheers

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags