The following information refers to Unix/Linux based server. If your web server is a Microsoft Windows based server(IIS), you should read:How do Windows file permissions work?. Then apply the applicable recommended settings below to your Windows based server.
There are a variety of methods to view the permissions of your website's files. For example, your host's cpanel file browser or a common FTP(File Transfer Protocol) program.
Depending on what you are using, you should see something like this image.
Again, depending on what method you are using, changing the permissions.
Correct file permissions
Each octal digit corresponds to a group of three letters in a specific group. Therefore, the three digits also corresponds to each group as a set of permissions:
-rwxrwxrwx (is broken up into the three distinct groups) \ \ \ -(rwx)(rwx)(rwx) / / / Owner Group Others (always in this order, Owner, Group, Others) 7 7 7 d stands for directory and shows as: drwxrwxrwx instead of -drwxrwxrwx
Note: On some servers you may not see the numbers as shown above, what you see is -rwxrwxrwx or something similar.
It is much easier to say the "octal" sum of a file or directory has 755 permissions than to call out the permissions:
The permission # is a three-digit octal number where the three digits correspond to the access rights of the user who owns the file, the group and other users. Each octal digit is the sum of the permissions granted. To make it easy to understand, just remember:
r = Read = 4 w = Write = 2 x = Execute = 1
If read permission is granted the "octal" number is 4. Add 2 to 4 for a 6 if write permission is granted along with read permission. Then you can finally add 1 if execute permission is granted along with the Read and Write permission. If there are no permission at all, the sum is 0. Just do the Octal Math:
|"Octal" #||(r)ead||(w)rite||e(x)ecute||User or Group or Others|
Now it is time to put it all together. User, Group, Others(Everyone or the World) into a 3 digit "octal" permission number.
This something you NEVER want to be allowed on your server/website unless you are absolutely sure you know what you are doing.
drwxrwxrwx, the "d" is for directory. Of course this is a 777 permission and not recommended!