WordPress file permissions Ubuntu

Correct file Permissions for the wp- content folder:

Setting the permission of the folder so that only the owner can write and execute permissions is vital. To do this, set the wp- content folder permissions to 755 and the files inside to 644 to provide the right protection against unauthorised access.

After WordPress installation, to make your website secure you can follow the below commands, or you can create a shell file and paste the commands.

These commands will prevent wordpress update. as we have taken write permission from wp- admin, wp- includes and all other files.

#!/bin/bash

#enable output
set -x

# Set all files and directories user and group to ubuntu or the current admin user
sudo chown ubuntu:ubuntu -R *


# Set wp-config ,uploads folder user and group to www-data
sudo chown www-data:www-data -R wp-content/

# Set all directories permissions to 755
sudo find . -type d -exec chmod 755 {} \;

# Set all files permissions to 644
sudo find . -type f -exec chmod 644 {} \;

#make index.php read only, only admin can update
sudo chmod 444 wp-config.php

#make wp-config read only, only admin can update
sudo chmod 444 index.php
Code language: PHP (php)

WordPress Update

When you want to update your wordpress, then follow these commands, this will make the files and directory writable.

#!/bin/bash

#enable output
set -x

#make all files writable for your web server
sudo chown www-data:www-data -R *

#make index.php read only, only admin can update
sudo chmod 444 wp-config.php

#make wp-config read only, only admin can update
sudo chmod 444 index.php
Code language: PHP (php)

Once you complete the update, then follow the first set of commands to lock files and directory again.

Here is the preference video attached;