In any computer, files and programs have a 'permission' level, meaning it states who can read, write, change, or run them. In Joomla! (Linux-based machines) we have three sets of permissions: one for the 'owner', one for the 'group', and one for the 'world'. A common security mistake is setting these incorrectly.
In this short recipe, you will check your permissions for your 'files' and 'folders'.
- Open your FileZilla FTP client and in your Site Manager select your web host
- In the right-hand pane of FileZilla, you will see your files and folders. To the far right (scroll over ) you will see the Permissions and Owner/Group columns as shown in the following screenshot:
There are many files and they should be set (as this is a fresh install) ok. However, it won't hurt to check.
- Click one of the folders then (for Windows ® users) press Ctrl+A. This will highlight all the files and folders in your site. You should see a screen similar to the following:
This partial screenshot shows you have selected everything.
- Right-click in the blue colored portion. Select File permissions…:
- FOLDER PERMISSIONS should be set for 755.
The following items should be checked or filled in:
- Numeric value should be set for 755.
- Check the box Recurse into subdirectories.
- Check the box Apply to directories only.
Note that if you get it wrong, don't worry - you can repeat it.
This process will take a few minutes so be patient.
- File Permissions should be set to 644
- Following the same process as in step 4, highlight all your files and folders, right click, and click your file permissions selection.
This time however you will change the settings as follows:
- Numeric value should be set for 644.
- Check the box Recurse into subdirectories.
- Check the box Apply to files only.
This step will take longer than the DIRECTORIES step.
Once complete you may exit FileZilla.
This will establish the 'permission's properly. Linux sets up three different classes for permissions on each file and folder:
User (u): This is the owner of the file
Group (g): Other users who are in a group and able to access files
Other (o): PUBLIC or the WORLD (meaning - everyone who does not belong to the other two roles)
You noted the numbers 755 and 644. These numbers are represented by the OCTAL numbering system (BASE 8). What they tell the Operating System about the files is as follows:
READ is 4
WRITE is 2
EXECUTE is 1
In OCTAL we add them the same as normal numbers. For example, 4+2+1 = 7. Meaning we give the OWNER of the folder READ, WRITE, and EXECUTE permissions.
Whereas we give the GROUP and OTHER 4+1 = 5, READ and WRITE permission.
On our FILES we give the OWNER 4+2 = 6 and for the GROUP and OTHER we give 4 only - giving them permission to READ ONLY.