Permissions can be very important when it comes to hosting your website. Permissions can allow our server computer to write and edit your files. Along with that, some files need to be protected from writing and editing, as a security measure. You can change your file permissions in many ways!

What are permissions?
Why are permissions a big deal?
Change Permissions with File Manager
Change Permissions with FTP
Change Permissions with SSH or a Script
Change Permissions with Other Formats
 

What are permissions?

File permissions determine what you are allowed to do and who is allowed to do it.
 

	Owner	Group	World
Read
Write
Execute

The columns are the three types of users:

• Owner - the owner is you, the person who has access to the cPanel or shell

• Group - the group is other people on your server

• World - the world is any visitor from the public (think world wide web)

Each row represents a permitted action for this file (or folder):

• Read means the user is allowed to view the file

• Write means the user is allowed to edit the file

• Execute means the user is allowed to run the file

It is very important that Group and World be able to view your website files. However, there are some files which you may not want anyone to see. If you remove the tick mark for Read under Group and World, then the file will not show in anyone's browser (instead visitors will see a 403 Forbidden error).

In File Manager

Permissions are expressed as numbers. We are only concerned with three digits, so if you see four digits, then ignore the first one. Thus 0755 is the same as 755.

The numbers represent a combination of each unique permission. Also, the first of the three digits represents the permissions for the Owner. The second digit represents the Group. The third digit represents the World.

• Read is equal to 4

• Write is equal to 2

• Execute is equal to 1

• No permissions for a user is equal to 0

Thus...

• Write and Execute without Read is equal to 3

• Read and Execute without Write is equal to 5

• Read and Write without Execute is equal to 6

• Read and Write and Execute is equal to 7

At this point, all you need to know is that your files should always have permissions of 644 or 755. (For most files, it doesn't matter if you give the executable permission or not. You won't see any difference.)

However, folders must always be 755.

One more rule. Any files inside the cgi-bin folder must have 755 permissions.

Why are permissions a big deal?

Giving writable permissions to Group and World are the main concerns because this allows hackers from the world wide web to edit your files. The last two digits of file permissions should never be 2, 3, 6, or 7 for this reason entirely.

The problem is, when you install a PHP script the script needs permission to edit files. Traditionally, PHP is treated as 'nobody' on the server. Therefore, PHP is treated the same an any unknown visitor and must obey the permissions granted to World.

The solution to this conflict is to treat PHP as the Owner.

With suPHP, all PHP scripts are allowed the same permissions as the Owner, and outside visitors are still restricted by the World permissions. Therefore, 755 is the perfect number; it allows all actions for PHP and only reading/viewing for potential hackers.

Change Permissions with File Manager

One of the easy and basic ways to change the permissions is through File Manager in cPanel. To change the permissions for a file or folder in cPanel:

1. Log in to cPanel

2. Click File Manager from the Files section 
   
   

3. Make sure the 'public_html/www' option is ticked and your website is visible in the dropdown; click the Go button

4. Click the name of the file for which you would like to change the permissions 
   
   

5. Click the Permissions link at the top right of the page

6. Select the permissions you would like to set for the file 
   
   

7. Click the Change Permissions button when you've ticked all the desired permissions options

Change Permissions with FTP

1. Connect to FTP

2. Navigate to the file you want to change permissions for and right-click on it

3. Choose Permissions (or Attributes or Properties, depending on your FTP software)

Change Permissions with SSH or a Script

You can change permissions this way using the 'chmod' command in Terminal or similar.

Change Permissions with Other Formats

Permissions can be expressed many ways. You have already seen the two-dimensional matrix and the three or four digit numbers.

However, if you prefer to use the Linux shell (SSH), then file permissions will look like this:

​drwxr-xr-x

You can ignore the very first character; it represents the file type rather than permissions. Next, you see three letters which represent the Owner's permissions.

• r = read

• w = write

• x = execute

• - (hyphen) = no permission

The Owner will normally have all three permissions, which is represented by rwx.

The next three characters represent the Group's permissions. Finally, the last three characters represent the World's permissions.

Notice that Group and World do not get the writable permission. In place of the 'w' will be a hyphen, meaning that write is definitely not allowed: r-x.

Here are some conversions to consider.

2D Matrix	Numerical Representation	Linux Representation
	755 or 0755 Recommended!	drwxr-xr-x
	644 or 0644 Recommended!	drw-r--r--
	700 or 0700	drwx------
	777 or 0777 Not recommended!	drwxrwxrwx