000
000 Permission Code:
Use 000 only as a quarantine and investigation tool, never as a normal WP file permission.
Summary:
| No | Statement | Status |
|---|---|---|
| 1 | 000 removes all access for everyone | ✅ |
| 2 | Useful for isolating malware or suspicious files | ✅ |
| 3 | Root can still override | ✅ |
| 4 | Never use on core WP files or directories | ✅ |
| 5 | This is a forensic & security containment tool | ✅ |
Key Takeaways
-
Restore after testing
chmod 644 test.php -
Confirm access denied
-
Set to
000chmod 000 test.php -
Copy a harmless test file
Practice Exercise (Safe Only)
| No | Issue | Fix |
|---|---|---|
| 1 | Locked file cannot be opened | become root or restore perms |
| 2 | Plugin broken after applying | revert permissions |
| 3 | Can't delete file | root remove only |
Troubleshooting
chmod 644 filename
Restore normal state
Access: (0000/----------)
Expected:
stat filename
Verify
chmod 000 filename
Apply lockdown
Commands
Use **only on isolated files during emergency or investigation.
| No | File/Dir | Result | Allowed? |
|---|---|---|---|
| 1 | wp-config.php | site fatal error | ❌ |
| 2 | wp-content/ | site fails to load content | ❌ |
| 3 | plugin/theme file | WP fatal error | ❌ |
| 4 | .htaccess or server config | routing breaks | ❌ |
| 5 | uploads folder | media inaccessible | ❌ |
Situations Where 000 Will Break WordPress
- Want to prevent execution before deleting
- Backdoor found after plugin/theme exploit
- Unknown file discovered in
/wp-content/uploads/or/tmp - Malware detected but you want forensic evidence intact
- WordPress site suspected of compromise
Scenarios Where 000 is Useful
rm suspicious.php
or remove:
chmod 644 suspicious.php
Restore after analysis (if safe)
sudo cat suspicious.php
Investigate safely afterward (root only)
chmod -R 000 wp-content/uploads/.tmp/
Freeze an entire malicious folder
chmod 000 suspicious.php
Quarantine a suspicious script
Typical Security Operations
| No | Use Case | Suitable | Reason |
|---|---|---|---|
| 1 | Malware quarantine | ✅ | isolate active malicious file |
| 2 | Suspicious PHP backdoor | ✅ | neutralize without deleting yet |
| 3 | Lock unknown script during audit | ✅ | prevents execution & viewing |
| 4 | Secure forensic investigation | ✅ | preserve evidence |
| 5 | Normal WP operations | ❌ | breaks functionality |
| 6 | WP core, themes, plugins, uploads | ❌ | site will fail |
WordPress Use Cases
Only root can override this state.
- File becomes completely inaccessible and inert
- No one can modify or delete (unless via
root) - No one can execute the file
- No one can read the file
Behavior
| No | Role | Bits | Access | Allowed? |
|---|---|---|---|---|
| 1 | Owner | --- | no access | ✅ |
| 2 | Group | --- | no access | ✅ |
| 3 | Others | --- | no access | ✅ |
Technical Structure
It is a **special-purpose, emergency, or isolation permission used only when you want to quarantine files or freeze access entirely.
This mode is almost never used in normal WordPress operations.
---------
000 removes **all permissions from a file or directory: no read, no write, no execute for owner, group, or others.