Understanding File Permissions
 

There are three user categories: User (the owner of the file), Group (the security group you are in), and Other (for the world to see). Each category has three permissions that can be set: r, w, and x to read, write, and execute a file, respectively. Permissions consist of three numbers: 4 for Read, 2 for Write, and 1 for Execute access. By adding these numbers together, you form the permissions that make up one digit. This table can be used as a quick reference:

 

User

Group

Other

Read = 4

x

x

x

Write = 2

x

 

 

Execute = 1

x

x

x

Totals

(4+2+1) = 7

(4 + 1) = 5

(4 + 1) = 5

For example, 4 + 2 + 1 = 7, which grants read, write, and execute permissions; 4 + 1 = 5, which grants only read and execute permissions. Thus, 755 grants 7 (read, write, execute) to the owner of the file, and 5 (read and execute) to the group the file is in and 5 (read and execute) to the world. Each digit corresponds to a set of permissions (read, write, or execute) and the position of the digit corresponds to the user category (left = owner, middle = group, right = other). The single-digit numbers are defined for all three user categories as the following:

0

 - - -

no access

1

- - x

execute only  

2

- w -

write access only

3

- w x

write and execute

4

r - -

read only

5

r - x

read and execute

6

r w -

read and write

7

r w x

read, write and execute (full access)

Some file permission examples:

777 - all can read/write/execute (full access).
755 - owner can read/write/execute, group/others can read/execute.
644 - owner can read/write, group/others can read only.

Some directory permission examples:

777 - all can read/write/search.
755 - owner can read/write/search, others and group can only search.

Common permissions settings:

777 - directories with proper permissions on files in directory, use this one very carefully
755 - web store folder, CGI scripts
751 - log folder
701 - webalizer and modlogan folders
666 - data files
644 - configuration files (files not updated by scripts, html, gif,etc...)

You can change file permissions with the Web Shell File Manager

You can change file permissions with some FTP transfer programs such as  WS_FTP.

Warning: You may be tempted to simply use chmod 777 on all the files and directories since that assures the Web server can do anything with the files. However, it is strongly advised that you do not leave the files in this state. It is considered a major security risk to leave your scripts open to changes by the Web server instead of being read-only. We recommend you consult with your programmers to set your file permissions properly.