The setup of file permission to a site on a server depends on the specific requirements of your site and the software you use. However, in general, when creating a website on a server, you usually need to set the following file and folder permissions:
- Read: Users must have permission to read your website files, so they can be displayed in the browser.
- Write: Some files and folders may need recording permission, such as files that can be changed, such as log files, configuration files, and more.
- Execute: Files that are executed (in PHP, Python scripts, or others) must have permission to execute.
Usually, web servers have different users, such as “www-data” for Apache, “nginx” for Nginx, and so on. It is important to grant the necessary permission to these users in such a way that they can perform their functions, but do not have unnecessary permission that can be dangerous for the safety of your server.
It is also important to correctly set up file access through a web server to prevent unauthorized access to confidential information. This can be done using web server settings such as .htaccess for Apache or configuration files for NGINX.
Typically, the permission to the website may look as follows:
- For folder: 755 (to access web pages)
- For files: 644 (for HTML, CSS, JS files)
- For the executable files: 755 (for PHP, Python, etc.)
With these settings, you can ensure the optimal level of safety and functionality of your website. However, it is also important to regularly update the software to avoid vulnerabilities that can be used by malefactors.