Skip to main content

What are the default file permissions for public_html?

Alex Jankowiak
  • Updated

Directory permissions are important for the security and usability of your websites and files. What are the default permissions?

Sometimes, when migrating servers or changing PHP handlers, your site can become unresponsive due to permissions errors. This document will help return your permissions to default.

 

Answer

These permissions change based on the configuration of your server

In most situations, the default permissions should be used:

By default, when using FileProtect, enabling mod_itk or mod_ruid2 will allow public_html to be owned entirely by the user. More information is available here.

/home/cptest/public_html - p1 -# ls -la
total 16
drwxr-x--- 4 cptest cptest 84 Jul 1 04:37 .
drwx--x--x 15 cptest cptest 4096 Jun 28 03:41 ..
drwxr-xr-x 2 cptest cptest 6 Jun 13 02:58 cgi-bin
-rw-r--r-- 1 cptest cptest 128 Jul 1 04:37 index.php
drwxr-xr-x 2 cptest cptest 22 Jul 1 00:41 test
-rw-r--r-- 1 cptest cptest 128 Jul 1 00:39 test1.php
-rw-r--r-- 1 cptest cptest 82 Jul 1 00:40 test2.php

Without FileProtect, the permissions require the nobody group to have access to the directory:

/home/cptest/public_html - p1 -# ls -la
total 16
drwxr-x---  4 cptest nobody   84 Jul  1 04:37 .
drwx--x--x 15 cptest cptest 4096 Jun 28 03:41 ..
drwxr-xr-x  2 cptest cptest    6 Jun 13 02:58 cgi-bin
-rw-r--r--  1 cptest cptest  128 Jul  1 04:37 index.php
drwxr-xr-x  2 cptest cptest   22 Jul  1 00:41 test
-rw-r--r--  1 cptest cptest  128 Jul  1 00:39 test1.php
-rw-r--r--  1 cptest cptest   82 Jul  1 00:40 test2.php
  • public_html is owned by the user, the group "nobody" and has permissions of 750
  • Files and directories inside are owned by the user and the user's group
  • Files have 644 permissions
  • Directories have 755 permissions

When using both an Apache module (mod_ruid2, mod_suexec) and a PHP handler (suPHP, LSAPI, PHP-FPM), you can limit permissions further. This is an example of the most restricted you could set your permissions to when using mod_suexec and suPHP:

/home/cptest/public_html - p1 -# ls -la
total 24
drwxr-x---  4 cptest nobody  118 Jul  1 05:12 .
drwx--x--x 15 cptest cptest 4096 Jun 28 03:41 ..
drwxr-xr-x  2 cptest cptest    6 Jun 13 02:58 cgi-bin
-rw-r--r--  1 cptest cptest  281 Jul  1 05:04 .htaccess
-r--------  1 cptest cptest  128 Jul  1 04:37 index.php
drwx--x---  2 cptest nobody   39 Jul  1 05:16 test
-r--------  1 cptest cptest  128 Jul  1 00:39 test1.php
-r--------  1 cptest cptest   82 Jul  1 00:40 test2.php
  • All directories can be limited to 710 when owned by the group "nobody"
  • All files can be limited to 400

When using suPHP, the permissions checks listed here should be considered.

Related articles