Unclear what the right file permissions for WordPress are.
Defaults: directories 755, files 644, wp-config.php 600 or 640. No 777 anywhere, ever. That's an open invite for exploits.
Try this first
- 1SSH into the server. SFTP clients show permissions too, but SSH is faster for bulk changes.
- 2Set all dirs to 755: find /path/to/wp -type d -exec chmod 755 {} \;
- 3Set all files to 644: find /path/to/wp -type f -exec chmod 644 {} \;
- 4wp-config.php to 600: chmod 600 wp-config.php. Only the owner (PHP user) reads it.
- 5Owner must be the web server user (www-data, apache, or your cPanel user), not root. Wrong owner produces 'unable to write' on updates.
- 6Test: WordPress should install plugins, upload media and run updates. If not, owner or group is wrong.
When to bring us in
Persistent 'cannot write to wp-content' despite correct permissions? Ask the host for the PHP user and any separate FTP user. The mismatch sits there.
See also
- WordPress, plugins and theme have gone 6+ months without updatesOut-of-date WP is the number-one entry for malware. Don't just hit 'update all', back up first.
- Theme update broke the layout or threw a fatal errorThemes overwrite custom CSS on update unless you use a child theme.
- WordPress shows a blank screen after a plugin install or updateWSOD (white screen of death) is usually one crashing plugin. You isolate it.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.