Accessing the server now I talk about WordPress permissions on your server, you will be able to set the file permissions to different components of your WordPress site, it is important those file permissions are correct.
At the below screen you can see WordPress site, which is open in ftp application, are listed here, in form of numbers. If you select here any file after that right click and file permission inside FileZilla you can see permissions.
- 6 Number Permission: refers to owner permission (the owner has the permission of reading and writing but not execute. The owner, in this case, is the server itself.
- The next number is 4 Permission applies to the group that allows accessing.
- The content, the group should have only able to read the content not write and execute.
- The last number, 4 Permission is, which applies to refer public permissions, may be the most important.
- These the all the people, get your site from outside and it is very important, these people only read, the content, not write and not execute.
Now you might ask when the people access your site.
In addition, in WordPress, you also have to set folders, and you notice that you all the folders by default Set 755.
- Select folder.
- Right click.
- File permissions.
You see that for the folder the owner has read write and execute permissions, and for the group and public has read permission, execute permission this is simply because the execute command is active getting to the folder.
You have to be gain the access to the folder.
These are the by default settings for both files and folders in WordPress.
These are the security settings.
Any folder should have 0755 and any file should have 0644.
The great thing how WordPress configured when you install WordPress or when WordPress is updated. All the files automatically get 0644 attributes.
All the folders get 0755 attributes so even you Missed up these settings, WordPress itself on next update will fix for you.
Knowing this you also should know in some rare cases, your host may go in change these settings, and make the security even higher and in some rare cases, they may do things, like change the wp.config settings.