How to set correct file permissions for WordPress

Setting the correct file permissions for your WordPress site is crucial for its security and smooth operation. In this guide, we'll walk you through the steps to ensure that your WordPress files have the right permissions to keep your site safe and secure.

First, you'll need access to your WordPress files either via FTP, SSH, or your hosting control panel. Once you're logged in, navigate to the root directory of your WordPress installation (this is where the wp-config.php file located).

Directories (folders) in WordPress should typically have permissions set to 755. This ensures that the owner can read, write, and execute files within the directory, while others can only read and execute. To set directory permissions, use the following command:

find . -type d -exec chmod 755 {} \;

WordPress core files, including PHP files, should generally have permissions set to 644. This grants the owner read and write permissions, while others have only read access. To set file permissions, use the following command:

find . -type f -exec chmod 644 {} \;

This command sets all files within the WordPress directory to have the desired permissions.

The wp-config.php file contains sensitive information such as database credentials and security keys. It should have permissions set to 600 to restrict access only to the owner. To set permissions for wp-config.php, use the following command:

chmod 600 wp-config.php

From this point on, you can manage access to uploaded files (typically those that live in the wp-content/uploads folder) with free AAM Protected Media Files add-on.