Fixing the permissions of files and directories

As any web site administrator knows, file and directories permissions are the first gatekeeper on the way to having a site hacked. Having 0777 permissions lying around is a big mistake and could prove fatal to your site. For more information, read my blog post. Ideally, you should only have 0755 permissions for your directories and 0644 for your files.

On other occasions, we have all run across a misconfigured server which gives newly created files and directories impractical permissions, like 0600. This has the immediate effect that newly uploaded or created files are not accessible from the web. Fixing those permissions is a tedious process, hunting down the files with FTP and changing their permissions manually. Ever so often this becomes so tedious that we are tempted to just give 0777 permissions to everything and get done with it. Big, fatal mistake.

The solution to those permissions problems is the Fix permissions tool of Admin Tools. Its mission is as simple as it gets: it will give all your directories 0755 permissions and all of your files 0644 permissions. Obviously, this only has effect on Linux, Mac OS X, Solaris and other hosts based of UNIX-derivative Operating Systems, i.e. everything except servers running on Windows.

[Note]Note

You can customize the permissions per folder and file using the Permissions Configuration page.

[Warning]Warning

It is possible that —if you select the wrong kind of permissions in the Permissions Configuration page— you will be locked out of your site and will not be able to access it over FTP or your hosting panel's file manager. If this happens, please contact your host and ask them to fix the permissions of your site.

When you click on the Fix Permissions tool you are going to see the "Fixing Permissions..." pop-up window with a progress bar filling up as Admin Tools is changing the permissions of all your directories and files.

Fixing permissions

When it's over the progress bar will fill up and the title of the page changes to "Finished fixing permissions":

Finishing fixing permissions

No permissions have been changed on my site. Why?

It's a matter of ownership. If you are on a host which doesn't use suPHP, your files and directories are owned by a different user than the one the web server is running under. In this case the only option is to use an FTP client to manually change the permissions.

Configuring the permissions of files and directories

By default, Admin Tools will apply 0755 permissions to all of your directories and 0644 permissions to all of your files. However, this isn't always desirable. Sometimes you want to make configuration files read-only (0400 or similar permissions) or give a directory wide-open (0777) permissions. While this is not recommended, it may be the only option on some shared hosts for several extensions to work. Most notably, some extensions need to be able to append to files —e.g. Akeeba Backup needs to append to its log and backup archives— which is impossible to do over FTP and, therefore, requires wider permissions. With Admin Tools you can do that using the Permissions Configuration button in the plugin control panel.

Configuring the permissions

When you launch this feature you see a page split in three sections.

The top section, titled Default permissions, allows you to configure the permissions which will be applied if nothing different is configured. Use the drop-down lists to select the default permissions for directories and files (the default setting is 755 and 644 respectively), then use the Save default permissions button to apply the setting.

The middle section shows the path to the currently selected directory and allows you to quickly navigate through the folders by clicking on their names.

The bottom section is split in two panes, Folders and Files. Each pane lists the folders and files inside the current directory. Clicking on the name of a folder will navigate inside that folder. There are three columns next to each folder. The first displays the current owner (user:group format). The second displays the current permissions of that directory in the file system. The final column contains is a drop down list. The default setting, represented by dashes, means that there is no specific preference for this folder/file and the default permissions will be applied to it. If you select a customized permissions setting remember to click the Save custom permissions button before navigating to another folder or returning to the control page, otherwise your settings will be lost.

[Important]Important

None of these customized permission settings are applied immediately. You will need to launch the Fix Permissions feature for them to be applied. Return to the Control Panel page where you can find this button.

Alternatively, you can click on the Save and Apply custom permissions button to immediately save and apply all custom permissions you see on this page. If you don't see the permission changing, please take a look at the previous section of this user's guide for more information on what you have to do.

Cookies Notification - Action required

This website uses cookies to provide user authentication and improve your user experience. Please indicate whether you consent to our site placing these cookies on your device. You can change your preference later, from the controls which will be made available to you at the bottom of every page of our site.