How to Set File Permissions Correctly in cPanel (Beginner’s Guide to Secure Hosting)
Setting the right file permissions is essential to keep your website secure and functional. If files are too open, they can be exploited by hackers. If they’re too restrictive, your site may break or become inaccessible.
In this guide, you’ll learn how to check and set file permissions in cPanel, when to adjust them, and what permission levels are recommended for common use cases.
✅ What Are File Permissions?
File permissions determine who can read, write, or execute a file or folder on your server. These settings are represented as three-digit numbers (e.g., 644, 755) or symbolic codes (e.g., rwxr-xr-x).
The three types of users:
- Owner (you or the script)
- Group (users within your hosting environment)
- Public (everyone else, including visitors)
🚀 How to View and Change File Permissions in cPanel
Step 1: Log in to cPanel
Go to yourdomain.com:2083 or log in via your hosting provider’s dashboard.
Step 2: Open the File Manager
Under the Files section, click File Manager. Then navigate to the folder containing your files (e.g., public_html).
Step 3: Right-Click a File or Folder
Choose Change Permissions from the dropdown menu. A popup with checkboxes will appear, or a numeric input field depending on your theme.
Step 4: Adjust the Permissions
- Use checkboxes to allow/disallow Read, Write, or Execute
- Alternatively, enter a numeric permission value (see recommended values below)
Click Change Permissions to apply.
🔢 Recommended File & Folder Permissions
| Type | Recommended Permission | Description |
|---|---|---|
| Files | 644 | Owner can read/write; others read-only |
| Folders | 755 | Owner full access; others can read/execute |
| wp-config.php | 400 or 440 | Highly sensitive config file (read-only) |
| cgi-bin/ | 755 | Scripts folder (executable) |
⚠️ Never set folders or files to
777(full access for everyone). This is a major security risk.
🔒 Why File Permissions Matter
- Prevent unauthorized users or bots from modifying your files
- Protect sensitive files like
wp-config.phpor.htaccess - Avoid 403/500 errors due to restrictive or incorrect settings
- Ensure scripts and CMS apps like WordPress run smoothly
🧠 Pro Tips
- When in doubt, restore file permissions to
644and folder permissions to755 - After a migration or bulk upload, check for permission mismatches
- Use the built-in permission editor in File Manager — no need for SSH or FTP
🛠️ When to Modify Permissions
- After uploading a new script or plugin
- During troubleshooting of errors like “Permission Denied”
- When tightening site security or cleaning up after malware removal
Setting the correct file and folder permissions in cPanel is a small step that offers big protection. It ensures your website remains secure, functional, and resistant to unauthorized changes.
If you’re unsure what permissions to use or your site is showing errors, reach out to our support team — we’re happy to help you fix it securely.