Fixed wordpress file system permissions

I’ve had a problem in the past where I would get error messages from wordpress when attempting to install plugins because it did not have the file system permissions it needed. I ended up setting the wp-content directory access to 777 temporarily and then reverting to 755 when done (allow read/execute only).

There should be no need for that and I finally dug in and figured out what’s going on and setup my permissions more comprehensively too.

Reading this guide was a great way to review some file system basics with practical examples that apply to wordpress sites. Based on recommendations I found there, I ended up with the following unix commands to set permissions (as executed from the wordpress parent directory where wp-content etc. are).

These commands do two things:

  • Make the http group be both the owner and group for files.
  • Set individual read/write/execute permissions on specific directories and files.

Enter commands in the top-level parent of the site. For example if the wp-config.php is in a directory of “walter” the commands would read as follows:

chown -R http:http walter
chmod 755 walter
cd walter
find . -type f -exec chmod 664 {} +
find . -type d -exec chmod 755 {} +
chmod 644 .htaccess
chmod 644 wp-admin/index.php
chmod 400 wp-config.php

Additional File Security

No reason to advertise details about the wordpress site that’s visible to hackers.

rm readme.html
rm license.txt
rm wp-admin/install.php
rm wp-admin/upgrade.php

Leave a Comment