Web Hosting Plus Logo



Web Hosting How-To Articles, Help and Information at Web Hosting Plus

What are the correct file permissions for a PHP file?

Back to Help Main Page

As a general rule, the permissions of a PHP file should take one of two sets of values, either 644 or 600.

644 - A PHP file needs to be world readable if it is to be called via your web browser (meaning it is being processed by Apache). Do not include important passwords or secret keys in world-accessible files, as this opens your site up for those with malicious intent.

600 - For include files, typically containing unique keys or passwords (e.g. MySQL credentials, PayPal API Keys). If a PHP file is not accessed directly via your web browser (only referenced via other PHP files), use these permissions.


This is in reply to:

What are the correct file permissions for a PHP file?


Web Hosting Plus Help Main Page