Understanding File Permissions (644 and 755)
File permissions control who can read, write and execute your files. Getting them right keeps your site both working and secure — and avoids the dangerous 777.
Step-by-step
- Understand the three numbers. Permissions like 644 represent owner, group and "everyone" — each a sum of read (4), write (2) and execute (1).
- Use 644 for files. Owner can read/write (6), others can read (4). This is correct for almost all web files.
- Use 755 for folders. Owner full (7), others read and enter (5). Folders need "execute" to be browsable.
- Protect sensitive config files like wp-config.php with 600 or 640 so others cannot read them.
- Never use 777. It lets anyone write to a file — a serious security hole and a common cause of 500 errors.
- Set permissions via File Manager (right-click → Change Permissions) — see changing permissions.
💡 Good to know
- If a guide ever tells you to "set 777 to fix it", find a better solution — it is unsafe.
- Most CMS software sets correct permissions automatically on install.
- Wrong permissions cause both "forbidden" errors (too strict) and security risks (too loose).