I recently completed and uploaded a client’s web site to their server. Upon doing so the WordPress website generated an Internal Server Error 500. Checking the .htaccess file and other server settings everything checked out. Looking into their servers error log I discovered a soft error relating to file and folder permissions.
Sure enough, the uploaded project had all sorts of incorrect permissions set. I believe this was caused by an issue with the compression program I was using to archive the project into one file for easier uploading to their server.
Making sure your WordPress installations’ file and folder permissions are set correctly is critical to keeping your WordPress site safe. Not only for security, but if the file and folder permissions are incorrect, you’ll run across any number of issues importing media, creating posts and so on.
There is no “push button” fix for this issue. However, the following solution is simple enough without the use of any plugins and only requires about 5 minutes of attention. You will want to use an FTP client (such as FileZilla) for this. It should also go without saying that you need to have a recent full backup of your website, just in case you push the wrong button(s).
When you’re ready, fire up your FTP client and log onto your web server and follow the instructions below.
Access the main WordPress directory and highlight the following folders: wp-admin, wp-content, and wp-includes
Right click on anyone of those highlighted files and click “File Permissions” at the bottom of the drop down context menu. Change the “Numeric value:” to 755 and check the box “Recurse into subdirectories” and then the radio button for “Apply to directories only“. Click the “OK” button to initiate the process of correcting the folder permissions on your WordPress installation.
Once again, from within the main WordPress directory, highlight all the files within which relate to your WordPress installation.
Right click on anyone of those highlighted files and click “File Permissions” at the bottom of the drop down context menu. Change the “Numeric value:” to 644 and check the box “Recurse into subdirectories” and then the radio button for “Apply to files only“. Note this radio is different from the previous one in Step 1 above!
Once you’ve confirmed the settings are correct, click the “OK” button to initiate the process of correcting the file permissions on your WordPress installation.
Alternatively, you may use a script such as the one I have provided below to automatically correct your WordPress file and folder permissions. Simply upload it to your WordPress website root directory and visit the script using your web browser.
Set CHMOD permissions to 444 on the following WordPress files within your websites’ root directory for enhanced security:
Note: Certain plugins may need to update these files during activation or updating. You may need to manually adjust these permissions from time to time.
I hope this article has helped you fix any WordPress file and folder permission issues you may have been experiencing. I welcome your thoughts, questions or suggestions regarding this article.
Let me know if you found any errors within my article or if I may further assist you by answering any additional questions you may have.
- This article was first published on June 19th, 2019 and was revised on February 21st, 2022 to include my script to automatically resolve the file and folder permissions on your WordPress website using a script.
- Also added a recommend security enhancement for two files within the root WordPress directory.