The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

chmod to 777 an acceptable security risk? (4 posts)

  1. tug
    Posted 7 years ago #

    Please excuse what must be an elementary topic, but...

    I just installed WP on GoDaddy. I was just about to purchase and upload a premium theme when I noticed that the install required that I adjust the CHMOD to 777. As far as I can tell, this seems to be a security issue, yet, this seems to be the norm for WP theme installs. Can anyone shed some light here? Is 777 permission acceptable?



  2. Samuel B

    Posted 7 years ago #

    No it is not acceptable for theme installs. If the theme can not be installed and work with files 644 and folders 755 it is a huge security risk. One folder at 777 on a shared server can/will get every site on that shared server hacked.
    Why the hec does the author state it needs 777 permissions? Ridiculous - unless you just use 777 for install then chmod back to 755.

  3. Georg Kevin Paquet
    Posted 7 years ago #

    Good point by samboll, it might be a trap if the author requires the theme to be 777.
    Anyways, did you try installing it already without CHMOD to 777?

  4. tug
    Posted 7 years ago #

    Sorry for such a long delay in this response. I did not realize there were responses to this post.

    My ignorance in this post. The chmod was not required to be changed for installation. The cache chmod required chmod change to 777 in order to utilize an image resizer only.

    All is well and checks out fine with WP-Security Scan. ;)


Topic Closed

This topic has been closed to new replies.

About this Topic