Knowledge Base

Understanding File Ownership and PHP 5 Permissions

PHP 5 currently runs under the suPHP module, and executes as a CGI. This means that all scripts will run under your User ID, and NOT the user ID of the web server.

All files must be owned by your user ID and the permissions must be 640 for files and 755 for directories. Any files that are "group-writable" (664/775) or "world-writable" (666/777) will result in a 500 Internal Server Error.

If you previously had the default PHP4 enabled for your account and switch to PHP5, you may need to check all your file permissions to be sure all files are 640 and directories 755. You can change these in most FTP clients.
Note: special files such as '.fcgi' may need 755 permissions to make them executable.

Here is an example of a directory listing with Unix permissions:

-rw-r-----   john john   566 May 23 19:05 index.php     # This is chmod 640 (correct)
-rw-rw-rw-   john john  171 May  7 21:00 main.php       # This is chmod 666 (incorrect)
drwxr-xr-x   john john  4096 Jan 1 21:00  folder1/      # This is chmod 755 (correct)
drwxrwxrwx   john john  4096 Jan 1 21:00  folder1/      # This is chmod 777 (incorrect)

If you are comfortable with using SSH and Unix commands, you can enter these two commands to remove group/world-writable permissions:

[email protected] [/home/john]$ chmod -R g-w *        # Removes group-writable
[email protected] [/home/john]$ chmod -R o-w *        # Removes world-writable

Did you find this article helpful?

Please leave us some feedback so we can improve this article.

* Your feedback is too short