Linux file permissions explained for web hosting
Understand what file permissions mean (rwx, 644, 755), how to read and set them in cPanel and via command line,
UnderHost NOC
Network Operations
On this page
File permissions on Linux control who can read, write, or execute each file or directory. Wrong permissions are a common cause of security vulnerabilities (too permissive) and access errors (too restrictive). Getting them right protects your site without breaking functionality.
Reading permission numbers
Permissions are expressed as three groups of three: owner | group | others. Each position is read (4), write (2), or execute (1):
| Number | Meaning | Letters |
|---|---|---|
| 7 | Read + Write + Execute | rwx |
| 6 | Read + Write | rw- |
| 5 | Read + Execute | r-x |
| 4 | Read only | r-- |
| 0 | No permissions | --- |
So 644 means: owner can read+write (6), group can read (4), others can read (4).
755 means: owner can read+write+execute (7), group can read+execute (5), others can read+execute (5).
Correct permissions for web hosting
| File type | Permission | Why |
|---|---|---|
| Regular files (PHP, HTML, CSS, JS) | 644 | Owner can edit; web server can read |
| Directories | 755 | Owner can manage; web server can traverse |
| wp-config.php | 600 | Only owner can read-contains DB credentials |
| Executable shell scripts | 755 | Must be executable to run |
| Upload directories | 755 | Web server needs write access; owner keeps control |
Permission 777 means anyone-including malicious scripts on the same server-can write to that file. This is a critical security vulnerability. If a plugin or tutorial tells you to set 777, find an alternative. 755 is the maximum safe permission for directories.
How to set permissions
In cPanel File Manager
- Right-click the file or folder
- Select Change Permissions
- Check or uncheck the permission boxes, or type the numeric value
- Click Change Permissions
Via command line (SSH / VPS)
Fix all files and directories in your WordPress installation:
# Set all directories to 755
find ~/public_html -type d -exec chmod 755 {} \;
# Set all files to 644
find ~/public_html -type f -exec chmod 644 {} \;
# Tighten wp-config.php
chmod 600 ~/public_html/wp-config.phpFile permission issues?
Our support team can help you set correct permissions for your website files.
