WordPress File Permission: A Guide to Securing Your Website

For ensure the overall security of your WordPress website, WordPress file permission and ownership plays a main role. Because of that, you should have the knowledge to use them right ways. Through this article, we provide to you that knowledge regarding WordPress file permission.

Through the simplicity of WordPress, we can identify the most popular CMS system in WordPress. If you are intending to use the platform, you should have confirmed the security of your WordPress site. To ensure the security of your Website, there are many reasons are available to confirm. But you highly concern on the set up the correct WordPress file permission

What are WordPress file permissions?

It is determine by the WordPress file permission, which will be able to access the files, which are available in your WordPress. This WordPress file permission is being an essential feature to organized and manage files and folders. Your WordPress website and visitors of your website may be face to significant risk, if you are fail to set up the WordPress file permission.

The incorrect WordPress file permission may be lead to provide access opportunity to hackers (Who are your website resides) for your admin account and potentially your entire server. This is allow them to read, write and executed sensitivity files including the addition of malicious codes that run malware inside the backend of your site.

If your WordPress site used several users such as contributors of blog posts or news pieces, it will help you to protect you from threat of internal mistakes (honest or otherwise) through right file permissions. And also it offers a protection layer against to attackers.

Within the protection method of the WordPress, the file permission is not only key element of the WordPress security best practices. It confirm that the right execution of files through making them a key aspect for the site’s function.

Setting up WordPress file permissions: FTP v cPanel

Before set up the file permission, you have to knowledge regarding the client which you use for the management of your website’s files. According to that, there are available two common solutions as FTP and cPanel. Now we will focus on these two options and will get knowledge regarding them.


Using an FTP client, you may have to set the permission of the files and folder using chmod or set permission from the menu. For that, you can follow this process. First of all, open the files and folder. There will be clearly display the permission column.

You will be able to observe a sequence of letters and hyphens on each file. In characters you will see any (singular or combined) of the following:

For the individual groups and users, they have a certain way to show the settings. For that click on the set permission, this is located in menu on the FTP client. Through that, it makes the necessary changes.

There can be seen octal numbers when you use the chmod. The each number has specific meaning. Now we will see the meaning of these numbers;


This option, which usage of file manager of cPanel is equally easy. After you entered to the portal, you can click on change permission. Then it will bring up a popup box that shows a number of checkboxes. Then you have to select the right permission for the appropriate users and groups in relation to each file and folder through tick and untick.

WordPress file permissions: The components

When you handle your WordPress site, there are available different file types and folders. For these different files and folders required alterations to the permissions for internal and external security measures. It will appear in the various folders and directories from inside the panel. You will be able to go a long way to aiding your cause through getting little understand of each element.

WordPress file permission suggestions

    Relative Path            Suggestion

          /                     755

    wp- includes                 755

    wp-admin                 755

    wp- admin/ js                 755

    wp- content/ themes             755

    wp- content/ plugins       


    wp- content/ uplods              755

    wp- config.php              444

    .htaccess                  444

Correct file permissions for the wp-content folder

In a WP- content folder consist with the data which are related to the themes, plugins and uploads to your WordPress account. Trough editing the files, which are included in this folder, will significantly impact to the website. And also it makes a target for prospective hackers.

It is important to setting the permission of the folder with ability only owner can write and execute permission.

According to above mention octal numbers, set the file permission to 755, and 644 use for files which are located in the folder. It will provide the appropriate protection against unauthorized access.

Correct file permissions for the wp-includes

There is including the important files located in the WP- includes folder. These files are needed for the API and functioning of your site. Because of that, we can recommend to use the 755 value for the file permission.

Correct file permission for folders

Usually, set the 755 is be the best option for all other folders as well as. Through that option, it gives you full access. But others received limited authority.

Correct file permission for wp-config

The wp-config file is also one of most important file other files. In the file store the data which are configuration and database-connection information. The 444 option is most suitable for it and through the permission users and groups have an ability to read the file but cannot write or execute.

It is most match for the PHP file within the wp= root.

Using the iThemes security plugin to check your WordPress file permissions

iThemes Security is a WordPress Security plugin and it designed to harden and lockdown the WordPress site. It is setting the lists file and directory permissions of key areas of the site by the file permissions.

First, you find the setting page from the iTheme Security plugin menu. There is an option called as the File Permissions module. Find it.

Now click on the Show Details button, and then you can see your file permission. Then, it will be provide a report of the status of your permission by the security of the items.


It is your responsibility to ensure the security of your WordPress site. The correct file permission setting also is able to provide the security of your website. The File permission settings confirm that your website isn’t open to attacks caused by unauthorized edits to files. And it does not arise the simple error by causing accidently problem.

When there has the correct file permission in your WordPress site.  And if it has been received the support of the WordPress security pligin like iTheme Security, Then your WordPress site is with a super protection.

Through this article we discuss about the File permission option of the WordPress. Through referring this article, you will be able to get knowledge regarding the way of set up the file permission in the correct way.

Exit mobile version