File and folder permissions

In a typical UNIX-style file listing, a file will be displayed in the following way: -rwxr-xr-- 1 john staff 40 Jan 1 11:35 name-of.file The first symbol ("-") represents the type of file. In this case, it is a regular file; directories, for example, have a d there. The file permissions determine what type of access to that file an authenticated user has. The permissions are summarized in the following way: rwxr-xr-- r stands for read permission; w stands for write permission; x stands for execute permission. The permissions are divided into three parts: The first three characters (rwx) are for owner permissions. The owner of the file (the user john) can read the file, write (modify) it, and execute it in case it is executable. The next three characters (r-x) are for group permissions. Members of the staff group can read the file and execute it in case it is executable. The last three characters (r--) are for other (world) permissions. These are the permissions for everyone else on the system. Users other than john who are not members of the staff group can only read the file. For directories, the permissions have a slightly different meaning. For example: drwxr-x--- 1 john staff 4096 Jan 1 12:36 data/ Read determines if the user can get a list of the files in the directory; Write determines if the user can create or delete files in the directory. A point of interest in this case is that if a username has write access to the directory, the user can delete files that are in that directory even if the username has no write permissions for the particular files; Execute determines if the user can cd into the directory. To summarize: In this case, the owner (john) can do just about anything in the directory; Members of the staff group can list the contents of the directory and browse it; No one else is allowed access to the directory. Permissions are also often represented by digits. For example, 755 is the same as rwxr-xr-x. The permission bits correspond to a certain number: 4 stands for r, 2 for w, 1 for x. The reason for this is that in binary 100 (r--) is 4 in decimal; 10 (or 010, -w-) in binary is 2; and 1 (or 001, --x) in binary is 1 in decimal. This allows for adding the numbers together, which can give a number from 0 to 7 for each of the three parts of the permissions set.

Here you can find how to set file permissions for some of the most common web files and folders: pages, Perl and PHP scripts and data/config files, images and folders. Sometimes, incorrectly configured permissions may be a reason for "Forbidden" and "Internal Server Error" messages. In general, you need to have the following permissions for the files and folders on your site: PHP scripts, pages and images should be readable/writable by the owner and readable by the web visitor. This means that all HTML pages you have can be with permissions of 644 or higher - 664, 755, etc. Perl scripts should be readable/writable/executable by the owner and readable/executable by the web visitor - 755. data-config files can be readable/writable only by the owner - 400, 600. folder on your site must be readable/writable/executable by the owner and readable/executable by the web visitor - 755. Below is a brief explanation of what these numbers mean. --- (or 0) means no permission r-- (or 4) means read-only permission rw- (or 6) means read/write permission r-x (or 5) means read/execute permission rwx (or 7) means read/write/execute permission So, for example, 664 (rw-rw-r) represent the following permissions - read/write for the owner, read/write for the group, and read for the public (everyone else).Most scripts or installation instructions require that you CHMOD your script to 755. This means that you need to set its file permissions to 755. Note: File permissions higher than 775 are not necessary - both 755 and 775 will work. You can find detailed instructions on how to change file permissions using the Control Panel's File Manager section in the File Manager article from our online documentation. If you wish to change file permissions using your FTP software: 1. Log into your account and go to the directory where the files are located. 2. Highlight the file that you want to change permissions for. 3. Locate the "file permission" or "chmod" command on your FTP software (you may need to refer to the manual or help file) and apply the needed permissions. There should be three groups. Each group should have either checkboxes or a selection for the permission type.Usually, there will be a text box where you can type in the desired permissions - 775 for example and 3 sets of checkboxes.The first set of check boxes applies permissions for the "Owner", the second for the "Group" and the third for the "Public". You need to type or select the desired permissions and click OK. Your FTP program will update the file permissions on the server.

You do not need to use world-writable permissions on our servers. The 666 and 777 permissions are insecure as they allow other users on the server to change them. Permissions like 755 or 775 are sufficient for all applications as our servers are configured to run scripts as your own username (not as the web server), so you never need to give world-writable rights to your files and directories.

You can do this with any FTP program, such as CuteFTP, SmartFTP, or FileZilla (the last one is completely free). In most FTP programs, changing file permissions is as simple as right-clicking on the file, and choosing Permissions or CHMOD from the menu.Note: You should not be using "world-writable" (777 or 666) permissions or any other values that allow writing from everyone as this poses a security risk for your files and account.