WordPress.org

Forums

File and folder permissions (4 posts)

  1. DoRullings
    Member
    Posted 6 years ago #

    Hi

    I'm trying to find the most secure and working chmod for my WordPress uploads folder. I've done some reading at the installation FAQ / Changing File Permission and I got confused by this paragraph:

    You can make all the files in your wp-content directory writable in two steps, but before making every single file and folder writable you should first try safer alternatives like modifying just the directory. Try each of these commands first and if they dont work then go recursive, which will make even your themes image files writable. Replace DIR with the folder you want to write in

    chmod 746 -v DIR
    chmod 747 -v DIR
    chmod 756 -v DIR
    chmod 757 -v DIR
    chmod 764 -v DIR
    chmod 765 -v DIR
    chmod 766 -v DIR
    chmod 767 -v DIR

    If those fail to allow you to write, try them all again in order, except this time replace -v with -R, which will recursively change each file located in the folder. If after that you still cant write, you may now try 777.

    So to my question: Why is 747 more secure than 777? It still gives write permission to everyone?

    Regards,
    Thomas Gabrielsen

  2. Samuel B
    moderator
    Posted 6 years ago #

    actually 747 is
    owner - read, write, execute
    group - read
    public - read, write, execute
    -rwxr--rwx

  3. DoRullings
    Member
    Posted 6 years ago #

    Hi samboll

    Thanks for your reply.

    What I don't understand is why the author implying that this is more secure 777 since 747 gives write permission to everyone (public). Can you enlighten me please?

    edit: link to the article: http://codex.wordpress.org/Changing_File_Permissions

    Thanks,
    Thomas

  4. Samuel B
    moderator
    Posted 6 years ago #

    I think you misunderstand how the permissions work. The public needs rwx to read and execute the php files.
    The group is what you need to worry about.
    747 is way more secure than 777 as it doesn't allow any rwx for the group.
    If your host allows this and it works - use it.
    However in my experience most folders need 755 to work on most servers - which if the server is set up correctly is good to go.

Topic Closed

This topic has been closed to new replies.

About this Topic