File permissions control who can read, write, or execute files on a server. They matter because a website needs enough access to run, but not so much access that any compromise becomes worse.
Files and Directories Differ
Files usually need to be readable by the web server. Directories also need execute permission so the server can enter them. Upload directories may need write access, but most application code should not be writable by everyone.
Be Wary of 777
Some old guides tell you to set files or directories to 777. That gives very broad write access. If an installer temporarily needs it, tighten permissions again once installation completes.
Ownership Matters
The right permission depends on who owns the file and which user PHP runs as. On many modern hosting platforms, safer permissions work because the site user owns the files.
Common Symptoms
- Upload failures.
- Plugin updates failing.
- 403 errors.
- Cache files not being created.
- Installers complaining about unwritable folders.
Change permissions carefully and avoid broad changes across the whole site unless you understand the impact.
