• Support Home
  • Knowledgebase
  • FAQs
  • Getting Started
  • Support Home
  • Knowledgebase
  • FAQs
  • Getting Started
home/Knowledge Base/WP Hardening/The Correct WordPress File and Folder Permissions
Popular Search:Whitelisting a URL, Google Bot , Migrate Astra

The Correct WordPress File and Folder Permissions

November 19, 2019 April 3, 2020

Wrong file permissions can cause errors in accessing and executing files on your WordPress website. There are services and servers that need certain sets of permissions to work efficiently. Further, it can also be a security risk.

I have listed below the recommended file permissions you should set at once on your website:

  1. For wp-config.php = 400/440

  2. For all .php files = 644

  3. For index.php = 644/444

  4. For wp-content folder = 755

  5. For wp-includes folder = 755

  6. For wp-content/uploads folder = 755

  7. For all the files in general = 644

  8. For all folders in general = 755

Check out this blog to learn the step-by-step process of setting WordPress file permissions.

Tags:400440444644755all filesall foldersFile permissions on WordPressindex.phpPHPuploadsWhat are file & folder permissions?wp-configwp-contentwp-includes

Was this helpful?

2 Yes  No
Related Articles
  • How To Change Your Default WP Admin URL Using WP Hardening?
  • Why You Should Hide Your WordPress Version Number?
  • Why You Should Stop User Enumeration in WordPress?
  • Why You Should Remove WordPress Meta Generator Tag?
  • Why you should disable XMLRPC in your WordPress?
  • Why You Should Update PHP Version in WordPress?
WP Hardening
  • The Correct WordPress File and Folder Permissions
  • How To Change Your Default WP Admin URL Using WP Hardening?
  • Why You Should Hide Your WordPress Version Number?
  • Why You Should Stop User Enumeration in WordPress?
  • Why You Should Remove WordPress Meta Generator Tag?
  • Why you should disable XMLRPC in your WordPress?
View All 7  
Popular Articles
  • How to install SQLite for PHP on my Apache/nginx server?
  • Fixing Missing HTTP Security Headers
  • How to enable SQLite in your cPanel/hosting account
  • Whitelisting an IP on your website using Astra
  • How to rename admin folder name in OpenCart 1.5 & vQmod?
KB Categories
  • Agency
  • Billing & Payments
  • Community Security
  • Getting Started
  • Malware Scanner
  • Securing OpenCart
  • Security Audit – FAQ
  • Security Best Practices
  • Support
  • ThemeCloud
  • Threats Stopped – FAQ
  • Troubleshoot
  • Using ASTRA Firewall
  • WP Hardening

Astra Website Security

Product
  • Astra Security
  • Pricing
  • Plan Comparison
  • Malware Removal
  • Resources
Solutions
  • Website Malware Cleanup
  • WordPress Security
  • Magento Security
  • OpenCart Security
  • Joomla Security
Join Our Community
  • KnowledgeBase
  • FAQ
  • Getting Started
  • How To Use Astra
  • Support Ticket
  • Privacy Policy
  • Terms of Use
  • © 2020 Astra IT Inc. All Rights Reserved.

Popular Search:Whitelisting a URL, Google Bot , Migrate Astra