File vs Directory Permissions
File vs Directory Permissions How They Behave Differently
Files and directories follow the same permission bit system, but the effect of r, w, x is **completely different between them. Misunderstanding this is one of the top causes of WordPress upload, plugin install, CLI, and SSH access issues. This module ensures you never break file access on your VPS.
What You Will Learn
- Difference between file and directory permission behavior.
- How
r,w,xapply differently on files vs folders. - Why directories require
xto enter. - WordPress-specific consequences (uploads, plugins, wp-cli).
- Real secure production permission examples.
- Debugging matrix + command lab + checks.
5W + 1H Framework
| Question | Answer |
|---|---|
| What | distinction between file and directory permissions |
| Why | reading, editing, uploading, executing WP tasks |
| Where | /var/www/, wp-content/, logs, scripts |
| When | deployments, fixing upload issues, security hardening |
| Who | owner / group / www-data / dev users |
| How | using chmod + understanding bit semantics |
Core Principle
Files = content access
Directories = container access (enter, list, modify)
Even if a file is readable, you cant access it if directory permissions block you.
Permission Semantics Table
For Files
| Bit | Meaning |
|---|---|
r | can read file contents |
w | can modify file contents |
x | can execute file (scripts, binaries) |
For Directories
| Bit | Meaning |
|---|---|
r | list files (ls) |
w | create/delete/rename files in it |
x | enter directory (cd, access files) |
Directory Execute (x) = Access Permit / Door Key
Without
x, directory is visible but inaccessible.
Practical Real-World Comparison
| Action | File Needs | Directory Needs |
|---|---|---|
| Read file content | r | x |
| Edit file | w | x |
| Run script | x | x |
| List directory | — | r + x |
| Enter directory | — | x |
| Create/delete file | — | w + x |
WordPress-Specific Rules
| Function | Required Permission |
|---|---|
| View site content | files need 644 |
| Upload images | wp-content/uploads needs 755 |
| Install plugins/themes | directories need x |
| Run wp-cli | files 644, dirs 755 |
| Secure wp-config | 600 |
WP Standard Permissions (Numeric)
| Type | Recommended |
|---|---|
| Files | 644 |
| Directories | 755 |
| wp-config.php | 600 |
WP Standard Permissions (Symbolic)
| Type | Recommended |
|---|---|
| Files | chmod u=rw,go=r |
| Directories | chmod u=rwx,go=rx |
| wp-config.php | chmod u=rw,go= |
Command + Expected Output
Set correct WP perms
find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;
chmod 600 wp-config.php
Check:
ls -l
Expected snippet:
-rw-r--r-- wp-settings.php
drwxr-xr-x wp-content
-rw------- wp-config.php
Common Misconfig Mistakes
| Mistake | Result |
|---|---|
Directory 644 | Cannot enter folder, WP breaks |
Files 755 | Public executes, security risk |
uploads 644 | Cannot upload images |
wp-config 777 | Critical security hole |
Static vs Dynamic Approach
| Mode | When |
|---|---|
| Static (644/755) | production default |
| Dynamic permission patch | troubleshooting uploads/plugins |
| Harden config (600) | after setup |
Go-Live Checklist
| Check | Command |
|---|---|
| File perms | find . -type f -perm 777 |
| Dir perms | find . -type d -perm 777 |
| Config perms | stat wp-config.php |
| Directory traversal | ls -ld wp-content/ |
Goal:
files readable, directories traversable, config locked.
Troubleshooting Matrix
| Symptom | Root Cause | Fix |
|---|---|---|
| Uploads fail | missing x on directories | chmod -R 755 wp-content/uploads |
| Plugins fail | wrong folder perms | find . -type d -exec chmod 755 {} ; |
| 403 forbidden browsing dirs | +x missing | chmod a+X wp-content |
| WP CLI fails creating files | no write on dir | chmod g+w wp-content/uploads |
Quick Lab
Fix core WP perms & test directory traversal
cd /var/www/your-site/public_html
find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;
chmod 600 wp-config.php
ls -ld wp-content/
ls -l wp-config.php
Verify success:
/wp-content/isdrwxr-xr-xwp-config.phpisrw-------
Cheat Sheet
Files → need r to read, w to edit, x to execute
Directories → need x to enter, r to list, w to create/delete
Essential:
Files: 644
Directories: 755
wp-config: 600
Mental rule:
x on files = execute script
x on directories = enter the folder
Mini-Quiz
- Directory without
x?
- Can't enter
- File without
r?
- Can't read
- Directory listing requires?
- r + x
- WP folders default?
- 755
- wp-config secure mode?
- 600