Wordpress Security

What are the recommended file permissions for my WordPress website?

The default permission scheme as recommended by the WordPress documentation should be:

  • Folders – 755
  • Files – 644

There a number of ways to accomplish this change. There are also a number of variations to these permissions that include changing them to be more restrictive. These however are the default recommendations. Check with your host before making permissions changes as they can have adverse affects on the performance and availability of your site.

Avoid having any file or directory set to 777.

You can read more about WordPress updates and file ownership on the Updating WordPress codex page.

Changing file permissions

Via command line you can run the following commands to change permissions recursively:

For Directories:

find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \;

For Files:

find /path/to/your/wordpress/install/ -type f -exec chmod 644 {} \;

You can also do this via your favorite FTP/SFTP client.