File and directory permissions is a complex topic. This article provides a basic overview for CS-Cart administrators. If you have any questions or need help with setting permissions, contact HostPapa Support by opening a support ticket. Details about how to open a support ticket are here.
Understanding permissions on HostPapa servers
Permissions determine which users are allowed to perform which actions on a file or directory. In Unix-based operating systems, like those installed on HostPapa servers, permissions are defined by a combination of file ownership and permission types. Every file and directory on a server has a set of permissions applied to it.
File and directory permissions overview
There are three permission types that can be applied to a file or directory – read, write, and execute.
|Permission type||When applied to directories||When applied to files|
|Read (r)||Can view the names of the files in the directory.||Can view the contents of the file.|
|Write (w)||Can delete the directory, and create, delete, and rename files in the directory.||Can change and delete the file.|
|Execute (x)||Can access the directory and view details (or metadata) about files in the directory||Can run executable files such as scripts and programs|
In a Unix-based operating system, there are three user types – user, group, and other. A user can be a regular user or a system account. Typically, regular users interact directly with files and directories, such as creating and updating files, and system users run non-interactive, background processes.
|User||The file or directory owner.|
|Group||A group is a collection of users. Every user belongs to at least one group. Files and directories are assigned a group.|
|Other||Everyone else. These are users other than the file or directory owner or members of the group.|
How permissions are displayed
File and directory permissions are often described using a three-digit numeric notation or nine-character symbolic notation.
In numeric notation, the first number describes the owner’s permissions, the second number describes the group’s permissions, and the third number describes other’s permissions.
In symbolic notation, the first three characters describe the owner’s permissions, the middle three characters describe the group’s permissions, and the last three characters describe the others’ permissions. A dash indicates that no permission is granted. For example, rw-r—– describes shows that the user (first three characters) has read and write permission, users in the group (middle three characters) have only read permission, and others (last three characters) have no permission.
Some examples of common permission sets are in the table below.
|Numeric notation||Symbolic notation||Owner’s permissions||Group’s permissions||Others’ permissions|
Checking and changing permissions
You can check and change file and directory permissions in your cPanel File Manager.
Log in to your HostPapa dashboard and click My cPanel, then click File Manager.
Make sure that File Manager is configured to include hidden files in the file list. Click Settings in the upper right corner and select Show Hidden Files. Click Save.
Select the file or directory you want to check the permissions for and then click Permissions.
In the Change Permissions dialog box, the permissions are displayed in numeric notation and permission type.
This example shows a file with 644 (or rw-r–r–) permissions. The owner can read and write (rw-), the group can read (r–), and others can read (r–).
In the cPanel File Manager, the other user is called ‘World’.
Change permissions by selecting the appropriate check boxes and making sure the numeric notation displays the correct permissions for the file, for example 644. Click Change Permissions.
After installation, most CS-Cart files have 644 permissions and directories have 755 permissions. However, the var, images, and design directories, and all their subdirectories and files have 777 permissions. These permissions allow CS-Cart to upload files and make application changes. The config.local.php file has 666 permissions. For security reasons, we strongly recommend that when the installation is complete, you change the file and directory permissions to the following:
|File||Change permissions to…|
|config.local.php||644 / rw-r–r–|
|design/.htaccess||644 / rw-r–r–|
|design/index.php||644 / rw-r–r–|
|images/.htaccess||644 / rw-r–r–|
|images/index.php||644 / rw-r–r–|
|var/.htaccess||644 / rw-r–r–|
|var/index.php||644 / rw-r–r–|
|var/themes_repository/.htaccess||644 / rw-r–r–|
|var/themes_repository/index.php||644 / rw-r–r–|
If you have any questions or need help, contact HostPapa Support by opening a support ticket. Details about how to open a support ticket are here.