Posted 2 years ago #
Hello, I have been using the WP Security Scan plugin for about a month now on two of my blogs and every now and then the file permissions for my root folder read 750. I set them back to 755 which is what the plugin recommends but after maybe one week or so they are back to 750.
Has anyone experienced this problem before?
The default permission value for your hosting provider's root folder is actually 750, which is more secure than 755. More than likely, your hosting provider or an automated process on your server is resetting the root directory to the correct permission value after you make the change.
I'm not sure why WP Security Scan is recommending 755, as 750 is standard for the root directory and more secure.
Keep in mind, however, that a minimum of 755 is required for all directories within the root directory. They won't work with anything less.
Posted 2 years ago #
I thought the same thing, and I guess you are correct but I contacted my hosting provider (through live chat) and they told me that it might be WordPress scripts doing this. The funny thing is that I have other blogs that the permission never changes on, on the same server.
I did mention I contacted them (through live chat) because their assistance is usually not the official technical support. I guess I was just worried about it. Thanks for your response.
You're welcome!
Not all servers are configured the same, so some may use 755 on the root directory, but it's not common. Unfortunately, a lot of hosting companies out-source their support, so they usually don't have any sort of knowledge about the inner-workings of the servers that they're supporting.
Posted 1 year ago #
I asked my webhoster (one of the top 5 in world. Everbody knows who they are) about this, and below is his response. He is a: Linux Administrator / Network Security Administrator
Hello,
This plugin is worthless, and is not designed to operate in our environment. I fail to see the logic in the statement that 755 is more acceptable than 750; 750 represents that world (ie, everyone but the owner and their group) have no permissions ( octal zero ) for that file/directory. suPHP (which we use in this environment for security) requires that public_html be 750 so that nobody but the owner and group membership members be permitted to descend into it.
Therefore to answer your question, yes, I can most definitely confirm, both from a logical standpoint and a systems admin standpoint that 750 is an infinitely better permissions permutation than 755, which would give read and execute access to world on the entire tree unless otherwise specified.
This topic has been closed to new replies.
