Setting Permission for a File or a Folder
In most FTP clients you can simply right click the file whose permissions you wish to set and select the CHMOD option. There will also be a menu item for applying permissions to a selected file or files.
What do these magic numbers (755, 777, 644) mean?
This is the part of installing scripts that causes most trouble for inexperienced users, and the most common cause of errors, so we will take a moment to look at the whole issue of file permissions.
Access to Files
You can give three levels of access to any file:
- Read access
- The file or folder can be read
- Write access
- The file or folder can be written to
- Execute access
- The file can be executed, or folder can be browsed.
In the CHMOD system these levels of access are given numerical values as below:
- Read access = 4
- Write access = 2
- Execute access for files (and browsing for folders) = 1.
The levels of access allowed to any indvidual file is expressed as the sum of these values. for example:
- Read and Write: 4 + 2 = 6
- Read Write and Execute: 4 + 2 + 1 = 7
- Read and Execute: 4 + 1 = 5
You can also allow different types of user different levels of access. The three types of users are
- The owner of the file (you)
- Other users on the same server
- Anyone else
In general Group and Other can be taken to mean the world in general, the Owner is you - the person uploaded the script - and any files on the server which belong to you. To get the CHMOD value of the permission on any given file, the user access levels and numerical file access values are combined. Thus a CHMOD value of 755 would mean:
- Owner: Read, Write and Execute - 4 + 2 + 1 = 7
- Group: Read and Execute - 4 + 1 = 5
- Other: Read and Execute - 4 + 1 = 5
And of 666:
- Owner: Read and Write - 4 + 2 = 6
- Group: Read and Write - 4 + 2 = 6
- Other: Read and Write - 4 + 2 = 6
644 is the default for HTML files - you can read them and write to them, in fact do what you wish to them, everyone else can just read them.
Why do we need to chmod
Many webservers have setup when files are uploaded by one Unix user (every website owner is a different user), and webserver (that runs PHP files) is running under another, common Unix user (often "apache" or "www"). This way permissions 755 are not enough to write files into folder from PHP script, so you need to chmod folder to 707, 770 or even to 777.
Hopefully, more and more hostings are implementing more secure setup (often also named phpSuExec) where scripts are running from the same user that uploaded it, so other customers cannot access your PHP scripts. On these webhostings, you do not need to make any chmod operations.
aMember Setup will give you a suggestion when chmod is necessary. Please do not chmod files if aMember Setup does not ask you to.