One option that you might have seen when exploring cPanel is the ability to change your file permissions. You may know that setting file permissions is important to security, but you may have been overwhelmed by the number of options. So let’s take a quick refresher course on this topic, because you are right: it is important.
First, let’s make sure everyone is up to speed. To set a file’s permissions, first go to the File Manager, click the name of the file (or directory) that you want to adjust, and on the top menu on the File Permissions page you’ll see a link that says “Change Permissions”. Click on it and let’s get started.
Three user levels
There are three user types. First the user called “User,” which is whoever is listed as the owner of the file. Skipping the second for a moment, the third is “World,” meaning anyone who might have the ability to access this file: other users on your server, server applications, or external users if the file is a web page being accessed across the web.
The second, “Group,” takes some explanation. Sometimes you want to restrict certain types of access to only certain people. For these people, you create a “group.” Each file already belongs to some group by default. Whatever group it does belong to, any users listed as part of that group have the access rights that you afford to them, which can be different from those associated with either “User” or “World.”
Three access types
The access types are a little more well known. “Read” means just that: you (“you” meaning whoever is trying to access the file) can see the file and its contents. “Write” means you can alter the file’s contents. “Execute” means that you can run the file as a program.
Three times three equals … a lot of questions
A file thus has nine (3 times 3) total permissions that it can turn on or off. Your goal in deciding which of these to set how is to make sure that everyone you want to access the file can, and everyone you don’t can’t. How do you?
This one area in which you are going to want to contact your service provider. Your files are often not just accessed by web surfers, but also by a host of on-server resources, and sometimes some of them will break if your files aren’t set the way they should be. One example is as follows; If you have a directory in which logs of hits to your web site are kept, and you set the directory to give no one but you any permissions, then the server might not be able to send your your logs each night.
When in doubt, make it read-only
A good rule of thumb is that you want to make sure that you always have full permissions, but hold the group and world access levels to read-only. This reduces the chance that anyone can fool around with your site, but still leaves it accessible to anyone who truly just needs to read its contents.
Nonetheless, check your cPanel web host online documentation as they will often have information listed about which files and directories need which settings. If you don’t see what you’re looking for there, ask them. Trust me, bad file settings can potentially be just as much of a headache for them as it could be for you.
