These are my file permissions. Further CHMODs required?

  • I’m on a shared hosting platform.

    wp-config.php = 600
    files = 644
    directories = 755

    My sites seems to still be working although I haven’t tired any WordPress upgrades or plugin updates yet. Are there additional permissions I should apply?

    I also applied the following from the WP Hardening Blog to all my htaccess files:

    <IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    That’s what they should be, so no further modifications to permissions required.

    You may also want to implement some (if not all) of the recommended security measures.

    Thread Starter osu9400

    (@osu9400)

    Thanks for the reply. Why doesn’t the WP core have module for permissions? Even if it can’t make changes for you, it could alert you to potential issues. Something in the core like this could prevent a lot of security woes.

    Moderator James Huff

    (@macmanx)

    Proper permissions can vary depending on the server configuration, too much variation to build something in core for it.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘These are my file permissions. Further CHMODs required?’ is closed to new replies.