Chmod 777 to a folder and all contents on Apache web server

web-hosting apache htaccess webserver

12,714

Solution 1

On Windows use Putty to connect to your server's command line.

On Mac you can make a SSH connection using a program called Terminal. Open the terminal, type ssh @ and hit enter. Type in the info to connect to your server.

chmod is a command line program. It is not an Apache configuration, which is what is put into .htaccess.

chmod 777 is a very open permission setting so use it with caution.

Solution 2

I want to tell you why chmoding to 777 is not necessary. See the other answers on how to set the permissions.

I'd strongly discourage chmoding to 777.

At most chmod to 775, that should give you more than enough rights and leave you a little less exposed.

Just in case you're not familiar what 777 or 775 means I'll explain it here:

The first digit sets the permissions for the owner (user) of the file.
The second digit sets the permissions for all the users in the group that owns the file.
The third digit will set permissions to all the other users.

The value of each digit can range from 0 to 7. It defines if a user can read, write or execute the file.

The above mentioned permissions each have a value:

4 read
2 write
1 execute

You can add up the values of the required permissions to get one digit.

For example: lets say the owner of the File should be allowed all, the group only read and write and the rest should only be allowed to read a file:

User: 1+2+4=7
Group: 2+4=6
World: 4=4

This would result in the following command:

chmod 764 /somedir

For a webserver 755 should normally be more than sufficient.

I'm assuming that the owner of the files is the same, as the one the webserver is running under, thus you and you're scripts will have write permission.

In environments with multiple websites often the user is set per site and the group is used for all websites. So if the group has write permissions a badly configured server can lead to others being able to change your files.

For all the other users (world) it is absolutely not necessary to be able to modify your files. You could probably even set the permissions for world to 0 (no permissions) and it would not break your site. This depends on your setup though.

12,714

RSM

Updated on September 18, 2022

Comments

RSM over 1 year
I have just got new hosting for my website and I have a directory /www which I put all my website files within and a folder in that directory called 'store'.

Within 'store' is several files and folders, I want to give the folder 'store' and all files and folders within the 'store' folder all permissions.

How do I do this? I am guessing via .htaccess.

I have tried inserting
```
chmod 777 -R /store
```
Into the .htaccess file but didn't work. Threw a big on screen error at me.

I want to make all the files and folders within /store writable.
Fiasco Labs over 12 years

777 file permissions is a hacker bait situation as you've made your store directory world writable. Any errors in scripting allow for external modification of your site at the will of whoever discovers it.
Ali Demirci over 12 years

This comment belong with the question not with my answer.
Fiasco Labs over 12 years

chmod 777 is a very open permission setting so use it with caution I meant it as an added explanation to your observation if that's ok. Stores sometimes include upload functions. All it takes is to get it to accept a script, call it in a web browser and the nut is cracked.
Fiasco Labs over 12 years

Apache web servers running suphp or suexec will force 755 (standard procedure on shared servers). Apache servers in dedicated server/VPS environments that aren't running these security mechanisms may require 775. When properly set up, even these will allow 755 directories, 644 standard files and 755 executables to be usable. So even if you figure out how to 777 your files and folders on a shared server, you may get the access denied finger and error messages in your web server error log.