Setting File and Folder Permissions in cPanel

Properly setting file and folder permissions is crucial for both website security and functionality. This guide explains how to manage permissions in your dotCanada.com hosting account using cPanel's File Manager.

Understanding File Permissions

File permissions determine who can read, write (modify), or execute files on your web server. In Linux systems (which power your hosting), permissions are represented by:

  • Numeric values: Three-digit numbers like 644 or 755
  • Symbolic notation: Letters like rwxr-xr-x

The permissions apply to three user groups:

  • Owner: You, the account holder
  • Group: Other users in your server group
  • World: Anyone accessing your website

For each group, you can set three types of permissions:

  • Read (r or 4): Ability to view the file/folder contents
  • Write (w or 2): Ability to modify the file/folder
  • Execute (x or 1): Ability to run scripts or access folder contents

Common Permission Settings

Permission Numeric Value Recommended For Description
644 rw-r--r-- Normal files Owner can read/write; everyone else can only read
640 rw-r----- Sensitive files Owner can read/write; group can read; world has no access
755 rwxr-xr-x Folders, Scripts Owner can do anything; everyone else can read and execute
750 rwxr-x--- Secure folders Owner can do anything; group can read and execute; world has no access
777 rwxrwxrwx RARELY needed Everyone can do anything (major security risk, avoid when possible)
Security Warning: Avoid setting 777 permissions unless absolutely necessary, as this gives everyone full access to your files and creates serious security vulnerabilities.

How to Change Permissions in cPanel File Manager

Method 1: Changing a Single File or Folder

  1. Log in to your cPanel account at https://{hostname}.mysecureservers.com:2087
  2. In the search box at the top, type "File Manager" or navigate to the FILES section
  3. Click on File Manager
  4. Navigate to the file or folder you want to modify
  5. Right-click on the file/folder and select Change Permissions (or select the file and click "Permissions" in the top toolbar)
  6. A permissions dialog box will appear with checkboxes for each permission type:
    • The dialog shows permissions for Owner, Group, and World
    • Check or uncheck boxes to set Read, Write, and Execute permissions
    • The numeric value will update automatically as you change the checkboxes
  7. Alternatively, you can enter the numeric value (e.g., 644 or 755) directly
  8. Click Change Permissions to save your changes

Method 2: Changing Multiple Files or Folders at Once

  1. In File Manager, navigate to the directory containing your files
  2. Select multiple files/folders by:
    • Holding down Ctrl (or Command on Mac) while clicking each file
    • Or using Shift+click to select a range of files
  3. Click Permissions in the top toolbar
  4. Set the permissions as described in Method 1
  5. Click Change Permissions to apply the changes to all selected files/folders

Method 3: Recursive Permission Changes (for Folders and Their Contents)

  1. In File Manager, right-click on a folder and select Change Permissions
  2. Set the desired permissions
  3. Check the box labeled Recursively change permissions on all files and folders (or similar wording)
  4. Click Change Permissions
  5. This will apply the permissions to the folder and everything inside it
Pro Tip: When using recursive permissions, you might want to set different permissions for files vs. folders. In that case, you may need to perform two separate operations - once for files (e.g., 644) and once for directories (e.g., 755).

Recommended Permission Settings by File Type

  • HTML files (.html, .htm): 644
  • CSS files (.css): 644
  • JavaScript files (.js): 644
  • Image files (.jpg, .png, .gif, etc.): 644
  • PDF files (.pdf): 644
  • Text files (.txt): 644

  • PHP files (.php): 644
  • CGI scripts (.cgi, .pl): 755
  • Python scripts (.py): 755
  • Shell scripts (.sh): 755

Note: PHP files typically only need 644 permissions because they're executed by the web server process, not directly.

  • Standard web directories: 755
  • Upload directories (for scripts): 755 (some may require 777 temporarily)
  • Private directories (outside web root): 750

  • WordPress wp-config.php: 640 or 600
  • .htaccess: 644
  • Database configuration files: 640 or 600
  • Password-containing files: 600

WordPress
  • Most files: 644
  • wp-config.php: 600
  • Directories: 755
  • wp-content/uploads: 755
Joomla
  • Most files: 644
  • configuration.php: 600
  • Directories: 755
  • media folder: 755
Drupal
  • Most files: 644
  • settings.php: 600
  • Directories: 755
  • sites/default/files: 755

Troubleshooting Permission Issues

Common Permission-Related Problems

  • "403 Forbidden" errors: Usually indicates execute permission is missing on a directory or read permission is missing on a file
  • "500 Internal Server Error": Can be caused by incorrect permissions on script files
  • "Unable to write to file" errors in CMS systems: Usually indicates that a directory needs write permission
  • Plugin/theme installation failures: Often requires temporary write permissions on specific directories
  • Image upload failures: Usually indicates missing write permissions on upload directories

Fixing Common Permission Issues

  • For upload issues: Set the uploads folder to 755
  • For PHP execution errors: Ensure PHP files are 644
  • For directory browsing issues: Ensure directories are 755
  • For script execution errors: Ensure scripts that need to execute are 755
Security Note: If a script or application requests 777 permissions, this is often a red flag. Consider if there's a more secure way to accomplish what you need, or at minimum, revert to more restrictive permissions once the operation is complete.

Best Practices for File and Folder Permissions

  1. Principle of Least Privilege: Always use the most restrictive permissions that still allow your site to function
  2. Avoid 777: Almost never use 777 permissions as they present a significant security risk
  3. Special Treatment for Sensitive Files: Give configuration files containing passwords or API keys more restrictive permissions (600 or 640)
  4. Regular Audits: Periodically review your file permissions, especially after installing new software
  5. Default Values: When in doubt, use 644 for files and 755 for directories
  6. Temporary Changes: If you need to temporarily increase permissions for an installation, remember to revert after completion

If you need assistance with file permissions or are experiencing permission-related issues, please contact our support team.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How do I upload files to my hosting account using File Manager?

Uploading Files to Your Hosting Account Using File Manager File Manager is a powerful tool in...
How do I use FTP to manage my website files?

Using FTP to Manage Your Website Files File Transfer Protocol (FTP) is a reliable method for...
How do I create and extract ZIP archives in cPanel?

Creating and Extracting ZIP Archives in cPanel ZIP archives are a convenient way to compress...
How do I edit files using the cPanel File Manager?

Editing Files Using the cPanel File Manager cPanel's File Manager includes a built-in text...
How do I back up my website files?

Backing Up Your Website Files Creating regular backups of your website files is essential for...