. The more popular WordPress is made and the more high traffic and influence sites use it, the more it becomes target of hackers and other riff-raff .
That is why you have to have some clear issues and ensure WordPress as best as possible.
One of the most important elements when it comes to securing any website is ] permissions (UNIX) of files and folders and the base rule in WordPress would be the following:
- 644 for files
- 755 for folders
You'll see that in most of the occasions it is not you need to change these permissions because either your hosting server or the same WordPress already loads them correctly, but it's not always like that.
So it's good to check your installation's permissions and follow the basic rule that I have written before. If after changing the permissions some plugin or issue gives you problems you can change the permissions to the specific folder or file required, but always being aware that you are leaving a possible security hole .
Examples of You can have special permissions with the folders " cache ", where the themes store the thumbnails and some temporary files plugins, which many times – or almost always – have to have permissions 666 or 777 (total ) or some plugins that have a configuration file that also requires special permissions.
In these cases, measures the decision well, because sometimes it is better to change to a plugin that offers the same without that " peculiarity " to leave a possible gap for hacker input.
If you want to review the file permissions some options are these:
- File manager ivos of your accommodation, where you can browse folders and there is always a link or button to change folder permissions
- FTP client as Filezilla or Transmit, in which by right clicking on any file or folder you can change the permissions or access the information window of the above and change them.
- FTP plugin for WordPress, a "pluginized" version of FTP client like – for example – Filepress where you will also find this possibility.
Actually changing permissions of files and folders is simpler than it seems, and the security of your WordPress deserves the small effort, do not you think? .
Also, it does not hurt to never help you one ] WordPress security suite .