WordPress Secured File and Directory Permissions - Kvcodes

Congrats, You are Subscribed to Receive Updates.

WordPress Secured File and Directory Permissions

WordPress Secured File and Directory Permissions which will help you to keep your files away from the Hackers view. It’s one of a added security too.


WordPress directory permissions are much more important to secure your files from the hackers. Especially, the Default and config files and common directories.  Here I am going to share some preventive file  and directory permissions to secure your WordPress files.  Let’s start with root directory, Your root directory of the  WordPress(WP ) file system requires 0755 or 0705. The following list can help you to understand easily.

Path					More 		Recommended
root directory			         0705		0755	
wp-includes/			         0705		0755	
.htaccess			         0604		0644	
wp-admin/index.php		         0604		0644	
wp-admin/js/			         0705		0755	
wp-content/themes/		         0705		0755	
wp-content/plugins/		         0705		0755	
wp-admin/			         0705		0755	
wp-content/			         0705		0755	
wp-config.php			         0644		0644

The most secured  Directory permissions for files is 0604. Because it wont allow the group permissions and also the prevent the execute permissions. The following image shows the file permissions.


Likewise you can set the directory permissions.  We have to secure the files which are listed above.




About Varadharaj V

The founder of Kvcodes, Varadharaj V is an ERP Analyst and a Web developer specializing in WordPress(WP), WP Theme development, WP Plugin development, Frontaccounting(FA), Sales, Purchases, Inventory, Ledgers, Payroll & HRM, CRM, FA Core Customization, PHP and Data Analyst. Database Management Advance Level


  1. commenter

    I see where you are going with this, though from experience I can say that hackers don’t care about permissions. 🙂

    Once hacker has installed a back door script, they can simply change all permissions, or delete all files for that matter, without a second thought.

    I applaud you for clarity of your article, though though this may not help inpreventing hackers from modifying or deleting files. A range of other precautions are needed to fully protect against hackers, including ensuring a solid backup of all files is maintained (for ready recovery).

    • commenter

      May it can be overwritten by using remote scripts. This is one of a securing method to prevent hacking. Also this will help not to crawl the bot inside it. You have to secure files using .htaccess is important. Anyhow the method helps to know the better directory permissions.

Comment Below

Your email address will not be published. Required fields are marked *


Current ye@r *



Subscribe E-mail Updates

Congrats, You are Subscribed to Receive Updates.


Category Posts