Change the Permissions of a File
Posted by - NA - on 20 June 2005 04:49 PM
Permissions can be very important when it comes to hosting your website. Permissions can allow our server computer to write and edit your files. Along with that, some files need to be protected from writing and editing, as a security measure. You can change your file permissions in many ways!
What are permissions?
Why are permissions a big deal?
Change Permissions with File Manager
Change Permissions with FTP
Change Permissions with SSH or a Script
Change Permissions with Other Formats
File permissions determine what you are allowed to do and who is allowed to do it.
Each row represents a permitted action for this file (or folder):
It is very important that Group and World be able to view your website files. However, there are some files which you may not want anyone to see. If you remove the tick mark for Read under Group and World, then the file will not show in anyone's browser (instead visitors will see a 403 Forbidden error).
In File Manager
Permissions are expressed as numbers. We are only concerned with three digits, so if you see four digits, then ignore the first one. Thus 0755 is the same as 755.
The numbers represent a combination of each unique permission. Also, the first of the three digits represents the permissions for the Owner. The second digit represents the Group. The third digit represents the World.
At this point, all you need to know is that your files should always have permissions of 644 or 755. (For most files, it doesn't matter if you give the executable permission or not. You won't see any difference.)
However, folders must always be 755.
One more rule. Any files inside the cgi-bin folder must have 755 permissions.
Giving writable permissions to Group and World are the main concerns because this allows hackers from the world wide web to edit your files. The last two digits of file permissions should never be 2, 3, 6, or 7 for this reason entirely.
The problem is, when you install a PHP script the script needs permission to edit files. Traditionally, PHP is treated as 'nobody' on the server. Therefore, PHP is treated the same an any unknown visitor and must obey the permissions granted to World.
The solution to this conflict is to treat PHP as the Owner.
With suPHP, all PHP scripts are allowed the same permissions as the Owner, and outside visitors are still restricted by the World permissions. Therefore, 755 is the perfect number; it allows all actions for PHP and only reading/viewing for potential hackers.
One of the easy and basic ways to change the permissions is through File Manager in cPanel. To change the permissions for a file or folder in cPanel:
You can change permissions this way using the 'chmod' command in Terminal or similar.
Permissions can be expressed many ways. You have already seen the two-dimensional matrix and the three or four digit numbers.
However, if you prefer to use the Linux shell (SSH), then file permissions will look like this:
You can ignore the very first character; it represents the file type rather than permissions. Next, you see three letters which represent the Owner's permissions.
The Owner will normally have all three permissions, which is represented by rwx.
The next three characters represent the Group's permissions. Finally, the last three characters represent the World's permissions.
Notice that Group and World do not get the writable permission. In place of the 'w' will be a hyphen, meaning that write is definitely not allowed: r-x.
Here are some conversions to consider.