Security settings on Apache for ownership and security

On web hosting systems, different folders and directories have different permissions. This means that you can specify who and what can read, write and execute files. This is important because content management systems like WordPress will need to write to directories such as wp-content.

Permissions are easily changed within an FTP client. The setting is usually found under directory settings, file permissions or chmod.

All files should be owned by the user account on your web server and writable by your username. Never give ownership to the webserver process itself (usually www or apache).

Any file that your content management system needs access to should be group-owned by the user account used by the webserver. For example, you will have a user account that you use to log in with your FTP client. Your server will then have a separate user from this, which may be called dhapache or nobody.

In WordPress, advanced plugins may need high permission levels, such as 755 or 777.

Before you set important directories like WordPress’ wp-content folder to 777, check your server configuration. The username you use to FTP into your hosting is most likely not the username used by the server to serve pages.

The username used to serve pages (e.g. dhapache) should have limited access to files on the server, so that access is restricted for all users, including the world (everyone). Setting permissions to 777 grants read, write and execute to the owner, the group and the world, so you are literally giving the world access to your folder.

This means that anyone can gain access to this folder and hijack the files, installing all the viruses and malicious software they want. You should normally only ever need to go as high as 767, so double-check your reasoning when you think you need 777 permissions.

In WordPress, your folders should be set to 755 and your files should be set to 644.
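
To check a site against these numbers from a shell, here is an added example (not part of the original article) that lists anything world-writable or not at 755/644, and can reset the tree. The function names and the constructed sample tree are assumptions for illustration; pass your own document root as the argument.

```shell
#!/bin/sh
# Added example (not from the original article): audit a WordPress tree
# against the 755 (directories) / 644 (files) baseline described above.

# List every file or directory that has the "world" write bit set.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# List entries whose mode is not exactly 755 (dirs) or 644 (files).
off_baseline() {
    find "$1" -type d ! -perm 755 -print
    find "$1" -type f ! -perm 644 -print
}

# Reset the whole tree to the baseline.
reset_baseline() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Print a report; return 1 if anything is world-writable, else 0.
audit_tree() {
    off=$(off_baseline "$1")
    ww=$(world_writable "$1")
    if [ -n "$off" ]; then printf 'Not 755/644:\n%s\n' "$off"; fi
    if [ -n "$ww" ]; then printf 'World-writable:\n%s\n' "$ww"; return 1; fi
    return 0
}

# Constructed sample tree for trying the functions without a real site:
# uploads/ is 777 and one uploaded file is 666, everything else is baseline.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/wp-content/uploads"
    echo '<?php' > "$t/wp-config.php"
    echo 'sample' > "$t/wp-content/uploads/a.txt"
    chmod 755 "$t" "$t/wp-content"
    chmod 644 "$t/wp-config.php"
    chmod 777 "$t/wp-content/uploads"
    chmod 666 "$t/wp-content/uploads/a.txt"
    printf '%s\n' "$t"
}

# Usage: sh audit.sh /path/to/wordpress   (path is your own document root)
if [ "$#" -gt 0 ]; then audit_tree "$1"; fi
```

Run the audit before and after a plugin install to see which directories the installer loosened.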

The best way to ensure your web files are safe is to add the FTP user and any other users that need to manage “web” files to the apache or www-data group.

We can check that you have all your settings correctly set up to ensure your website and hosting account function to the best of their abilities. We are experts in web design and web development.
